13 matches found
CVE-2026-45624 ImageMagick: Heap Buffer Over-Read of 4 bytes in distort operation.
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, an out-of-bounds over-read of 24 bytes can occur when performing a polynomial distortion with specific arguments. This issue has been patched in...
CVE-2026-9185
CVE-2026-9185 affects the WordPress plugin 6Storage Rentals (versions
GHSA-G794-3FMP-753H AsyncSSH `AuthorizedKeysFile %u` path traversal allows attacker-selected authorized keys to authenticate a traversal username
Summary: AsyncSSH 2.22.0 expands the OpenSSH-compatible `AuthorizedKeysFile` `%u` token with the raw SSH username during pre-authentication server config reload. A server configured with a documented per-user key pattern such as `AuthorizedKeysFile authorizedkeys/%u` can be made to read an authorized-ke...
PT-2024-17837
Name of the Vulnerable Software and Affected Versions: Loomio version 2.22.0. Description: The issue allows executing arbitrary commands on the server due to the application being vulnerable to OS Command Injection. Recommendations: For Loomio version 2.22.0, update to a version that fixes the OS...
Microsoft Windows Installer Security Vulnerability
Microsoft Windows Installer is a component of the Windows operating system from Microsoft. It provides a standard basis for installing and uninstalling software. A security vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to gain elevated privileges...
CVE-2022-43232
creationtimestamp| type| source
---|---|---
2022-10-28 22:29:47+00:00| seen| https://t.me/cibsecurity/52250...
CVE-2022-0727
creationtimestamp| type| source
---|---|---
2022-02-23 16:16:32+00:00| seen| https://t.me/cibsecurity/37943...
CVE-2021-37441
NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the `logdelete?file=/..` substring...
GHSA-4WJQ-69RC-8WCP Path Traversal in Apache Camel
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x 2.19 and earlier versions may also be affected...
camel: Directory traversal in file producer
Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x 2.19 and earlier versions may also be affected...
eQ-3 AG HomeMatic CCU2 Open XML-RPC Port Vulnerability
The eQ-3 AG Homematic CCU2 is a central control unit for controlling smart home devices from eQ-3 Germany. A security vulnerability exists in the eQ-3 AG HomeMatic CCU2 version 2.29.22. An attacker can exploit the vulnerability by sending arbitrary XML-RPC requests to control attached BidCos...
Horde Groupware SQL Injection Vulnerability
Horde Groupware is an enterprise browser based on the Communication Suite from Horde USA. The browser supports sending and receiving e-mail, managing and sharing calendars, contacts and tasks, and more. A SQL injection vulnerability exists in Horde Groupware 5.2.22 and earlier versions. A remote...
GNU glibc Information Disclosure Vulnerability
glibc is the implementation of the C library in most Linux operating systems. An information disclosure vulnerability exists in versions of GNU glibc prior to 2.22, which can be exploited by attackers to obtain sensitive information that may lead to further attacks...