130 matches found
Exploit for CVE-2026-60137
Compromise Scanner for wp2shell read-only A standalone, r...
CVE-2026-49402 Deno: Command Injection via spawnSync & spawn on Windows
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:childprocess implementation provided an escapeShellArg helper used when callers passed shell: true to spawn / spawnSync / exec and friends. On Windows, the helper failed to quote arguments that contained cmd.e...
CVE-2026-44502 Bugsink: SSRF bypass in `validate_webhook_url`
Bugsink is a self-hosted error tracking tool. Prior to 2.1.3, Bugsink’s webhook URL validation could be partially bypassed because of a mismatch in URL parsing. The original validation logic parsed webhook URLs with Python’s urllib.parse.urlparse, then sent the request with requests.post. For...
org.keycloak/keycloak-services: Open redirect when using wildcard valid redirect URIs in Keycloak
A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to redirect users to unauthorized URLs, potentially leading to the exposure of sensitive information within the domain or facilitating further...
Incorrect Authorization
Overview github.com/oauth2-proxy/oauth2-proxy is a reverse proxy that provides authentication with Google, Github or other providers. Affected versions of this package are vulnerable to Incorrect Authorization in the email domain validation. An attacker can gain unauthorized access by submitting ...
Incorrect Authorization
Overview github.com/oauth2-proxy/oauth2-proxy/v7 is a reverse proxy that provides authentication with Google, Github or other providers. Affected versions of this package are vulnerable to Incorrect Authorization in the email domain validation. An attacker can gain unauthorized access by submitti...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0.2 contained security...
CVE-2019-25515
Jettweb PHP Hazir Haber Sitesi Scripti V3 contains an authentication bypass vulnerability in the login.php administration panel that allows unauthenticated attackers to gain administrative access by submitting crafted SQL syntax. Attackers can bypass authentication by submitting equals signs and...
Your Data Lake Is Turning Into a Junk Drawer? Here’s How to Clean It Up
Data lakes start organized but can turn into dumping grounds. Learn the signs of data lake clutter and simple steps to clean it up without rebuilding...
RuView: WiFi Signal Analyzer
RuView: WiFi DensePose turns commodity WiFi signals into real-time human pose estimation, vital sign monitoring, and presence detection, all without a single pixel of video...
CVE-2021-27408
The affected product is vulnerable to an out-of-bounds read, which can cause information leakage leading to arbitrary code execution if chained to the out-of-bounds write vulnerability on the Welch Allyn medical device management tools Welch Allyn Service Tool: versions prior to v1.10, Welch Ally...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overflow in the InterpretImageFilename function. The issue arises from an off-by-one error that causes out-of-bounds memory access when...
EUVD-2020-19773
Malware in sbrugna...
Heap Buffer Overflow
ImageMagick is vulnerable to heap buffer overflow. The vulnerability is due to an off-by-one error in the InterpretImageFilename function when handling format strings with consecutive percent signs %%, which allows an attacker to trigger out-of-bounds memory access...
GHSA-HM4X-R5HC-794F ImageMagick has a Heap Buffer Overflow in InterpretImageFilename
Heap Buffer Overflow in InterpretImageFilename Summary A heap buffer overflow was identified in the InterpretImageFilename function of ImageMagick. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs...
ImageMagick has a Heap Buffer Overflow in InterpretImageFilename
Heap Buffer Overflow in InterpretImageFilename Summary A heap buffer overflow was identified in the InterpretImageFilename function of ImageMagick. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs...
Linux Distros Unpatched Vulnerability : CVE-2025-53014
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to 7.1.2-0 and 6.9.13-26 have a heap buffer overfl...
Malicious code in test-mlw2-picra-signs (npm)
The package test-mlw2-picra-signs was found to contain malicious code...
MAL-2025-35971 Malicious code in test-mlw2-picra-signs (npm)
The package test-mlw2-picra-signs was found to contain malicious code...
OESA-2025-1911 ImageMagick security update
Use ImageMagick to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats over 200 including PNG, JPEG, GIF, HEIC, TIFF, DPX, EXR, WebP, Postscript, PDF, and SVG. Use ImageMagick to resize, flip, mirror, rotate, distort, shear and transform images,...