SUSE CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

Linux Distros Unpatched Vulnerability : CVE-2026-25966

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped secure security policy includes a rule intended to...

GHSA-XWC6-V6G8-PW2H ImageMagick's Security Policy Bypass through config/policy-secure.xml via "fd handler" leads to stdin/stdout access

The shipped “secure” security policy includes a rule intended to prevent reading/writing from standard streams: xml However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. This path form is not blocked by the secure policy templates, and therefore bypasses the protection goal of...

DEBIAN-CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

CVE-2026-25965 ImageMagick's policy bypass through path traversal allows reading restricted content despite secured policy

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/ can be...

PT-2026-21626

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

CVE-2022-38165

Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server...

CVE-2022-38162

Reflected cross-site scripting XSS vulnerabilities in WithSecure through 2022-08-10 exists within the F-Secure Policy Manager due to an unvalidated parameter in the endpoint, which allows remote attackers to provide a malicious input...

EUVD-2011-1117

Malware in sbrugna...

EUVD-2007-2956

Malware in sbrugna...

EUVD-2004-1220

Malware in sbrugna...

EUVD-2022-40759

Malicious code in bioql PyPI...

EUVD-2022-40762

Malicious code in bioql PyPI...

Ivanti Releases Security Updates for Connect Secure, Policy Secure, and ZTA Gateways

Updated April 8, 2025 CISA updated these mitigations based on identification of a new malware variant called RESURGE that could undermine the effectiveness of the mitigations previously provided. For more information on RESURGE, see MAR-25993211.R1.V1.CLEAR and CISA Releases Malware Analysis Repo...

Vulnerability fixed in F-Secure Policy Manager

A vulnerability has been fixed in F-Secure Policy Manager from WithSecure. The vulnerability allows an authenticated malicious person able to write files to the server on which the application is running on. This can have several possible types of impact have, such as denial of service or executi...

CVE-2022-38165

Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server...

Design/Logic Flaw

Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server...

CVE-2022-38165

Arbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitrary locations on the F-Secure Policy Manager Server...

F-Secure Policy Manager 安全漏洞

F-Secure Policy Manager is an enterprise security solution from Finnish company F-Secure. A security vulnerability exists in F-Secure Policy Manager that originates from a file whose contents can be written in any location by an unauthenticated user, which can be exploited by an attacker to write...