34117 matches found
Uncontrolled Recursion
Overview: Magick.NET-Q8-OpenMP-arm64 is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Uncontrolled Recursion
Overview: Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET package that lets you use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Uncontrolled Recursion
Overview: Affected versions of this package are vulnerable to Uncontrolled Recursion via the DrawPrimitive function in the draw.c file. An attacker can cause a stack overflow and application crash by providing MVG files containing circular references. Remediation: A fix was pushed into the master...
ImageMagick's failure to limit MVG mutual causes Stack Overflow
Summary: Magick fails to check for circular references between two MVGs, leading to a stack overflow. Details: After reading mvg1 using Magick, the following is displayed: ./magick -limit memory 2GiB -limit map 2GiB -limit disk 0 mvg:L1.mvg out.png AddressSanitizer:DEADLYSIGNAL...
GHSA-P27M-HP98-6637 ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack
Summary: Using Magick to read a malicious SVG file resulted in a DoS attack. Details: bt obtained using gdb: 4 0x0000555555794c9c in ResizeMagickMemory memory=0x7fffee203800, size=391344 at MagickCore/memory.c:1443 5 0x0000555555794e5a in ResizeQuantumMemory memory=0x7fffee203800, count=48918,...
ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack
Summary: Using Magick to read a malicious SVG file resulted in a DoS attack. Details: bt obtained using gdb: 4 0x0000555555794c9c in ResizeMagickMemory memory=0x7fffee203800, size=391344 at MagickCore/memory.c:1443 5 0x0000555555794e5a in ResizeQuantumMemory memory=0x7fffee203800, count=48918,...
SUSE-SU-2026:20054-1 Security update for capstone
This update for capstone fixes the following issues: - CVE-2025-67873: missing bounds check on user-provided skipdata callback can lead to a heap buffer overflow (bsc#1255309). - CVE-2025-68114: unchecked vsnprintf return value can lead to a stack buffer overflow (bsc#1255310)...
CVE-2025-68950
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
UBUNTU-CVE-2025-68950
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
CVE-2025-68950 Magick's failure to limit MVG mutual references forming a loop
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-12, Magick fails to check for circular references between two MVGs, leading to a stack overflow. This is a DoS vulnerability, and any situation that allows reading the mvg file wi...
CVE-2025-68950
ImageMagick (affected component: MVG handling) is vulnerable to a DoS due to Magick failing to detect circular references between two MVGs, causing a stack overflow when reading an MVG file. The issue is fixed in version 7.1.2-12; upgrade to 7.1.2-12 or later to remediate.
CVE-2025-15255
A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing a manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has...
CVE-2025-15255 Tenda W6-S R7websSsecurityHandler httpd stack-based overflow
A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing a manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has...
EUVD-2025-205819
A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has bee...