2509 matches found
CVE-2026-32109
Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...
PYSEC-2026-32
Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...
PYSEC-2026-32
Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...
CVE-2026-32109 Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`
Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...
CVE-2026-32109 Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`
Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...
CVE-2025-41710
An unauthenticated remote attacker may use hardcodes credentials to get access to the previously activated FTP Server with limited read and write privileges...
SUSE CVE-2026-28689
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write. This...
EUVD-2026-10382
ImageMagick has a Path Policy TOCTOU symlink race bypass...
EUVD-2026-10381
ImageMagick has a Path Policy TOCTOU symlink race bypass...
ImageMagick has a Path Policy TOCTOU symlink race bypass
domain="path" authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write...
CVE-2025-41709
An unauthenticated remote attacker can perform a command injection via Modbus-TCP or Modbus-RTU to gain read and write access on the affected device...
CVE-2026-28689
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write. This...
UBUNTU-CVE-2026-28693
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...
UBUNTU-CVE-2026-28689
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain="path" authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write. This...
ImageMagick 安全漏洞
ImageMagick is a set of open-source image processing software developed by the ImageMagick project. It allows for reading, converting, and writing images in various formats. Versions of ImageMagick prior to 7.1.2-16 and 6.9.13-41 contained security vulnerabilities. These vulnerabilities stemmed...
PT-2026-24616
domain="path" authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write...
Linux Distros Unpatched Vulnerability : CVE-2026-28689
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, domain=path authorizati...
Out-of-bounds Write
Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2026-28693 ImageMagick has an integer overflow in DIB coder can result in out of bounds read or write
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...
CVE-2026-28693 ImageMagick has an integer overflow in DIB coder can result in out of bounds read or write
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an integer overflow in DIB coder can result in out of bounds read or write. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41...