Lucene search
+L
AlpinelinuxRecent

13035 matches found

alpinelinux
alpinelinux
•added 2026/02/24 1:33 p.m.•3 views

CVE-2026-2761

Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

10CVSS5.8AI score0.00395EPSS
Exploits0References6
alpinelinux
alpinelinux
•added 2026/02/24 1:33 p.m.•4 views

CVE-2026-2762

Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00543EPSS
Exploits0References5
alpinelinux
alpinelinux
•added 2026/02/24 1:33 p.m.•3 views

CVE-2026-2760

Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

10CVSS5.8AI score0.00395EPSS
Exploits0References6
alpinelinux
alpinelinux
•added 2026/02/24 1:32 p.m.•3 views

CVE-2026-2759

Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00395EPSS
Exploits0References6
alpinelinux
alpinelinux
•added 2026/02/24 1:32 p.m.•4 views

CVE-2026-2758

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00477EPSS
Exploits0References6
alpinelinux
alpinelinux
•added 2026/02/24 1:32 p.m.•2 views

CVE-2026-2757

Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

9.8CVSS5.8AI score0.00491EPSS
Exploits0References6
alpinelinux
alpinelinux
•added 2026/02/24 7:58 a.m.•6 views

CVE-2026-1229

The CombinedMult function in the CIRCL ecc/p384 package secp384r1 curve produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in v1.6.3...

9.8CVSS7.8AI score0.00397EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 2:26 a.m.•7 views

CVE-2026-26981

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

6.5CVSS5.4AI score0.00523EPSS
Exploits1References3
alpinelinux
alpinelinux
•added 2026/02/24 2:1 a.m.•2 views

CVE-2026-26983

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the MSL interpreter crashes when processing a invalid element that causes it to use an image after it has been freed. Versions 7.1.2-15 and 6.9.13-40 contain a...

5.3CVSS5.4AI score0.0045EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 2:0 a.m.•5 views

CVE-2026-26284

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick lacks proper boundary checking when processing Huffman-coded data from PCD Photo CD files. The decoder contains an function that has an incorrect...

9.1CVSS5.5AI score0.00404EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:55 a.m.•4 views

CVE-2026-26283

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a continue statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger ...

7.5CVSS5.6AI score0.00327EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:52 a.m.•3 views

CVE-2026-26066

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted profile contain invalid IPTC data may cause an infinite loop when writing it with IPTCTEXT. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

7.5CVSS5.5AI score0.00327EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:50 a.m.•3 views

CVE-2026-25989

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file can cause a denial of service. An off-by-one boundary check instead of = that allows bypass the guard and reach an undefined sizet cast...

7.5CVSS5.6AI score0.00594EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:48 a.m.•6 views

CVE-2026-25988

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, sometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks. Versions 7.1.2-15 and 6.9.13-4...

7.5CVSS5.5AI score0.00438EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:46 a.m.•3 views

CVE-2026-25987

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory...

9.1CVSS5.8AI score0.0037EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:44 a.m.•2 views

CVE-2026-25986

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer overflow write vulnerability exists in ReadYUVImage coders/yuv.c when processing malicious YUV 4:2:2 NoInterlace images. The pixel-pair loop write...

9.8CVSS5.9AI score0.00461EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:43 a.m.•4 views

CVE-2026-25985

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate 674 GB of memory, leading to an out-of-memory abort. Versions...

7.5CVSS5.5AI score0.00501EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:41 a.m.•3 views

CVE-2026-25983

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it,...

9.8CVSS5.5AI score0.00435EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:40 a.m.•2 views

CVE-2026-25982

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap out-of-bounds read vulnerability exists in the coders/dcm.c module. When processing DICOM files with a specific configuration, the decoder loop incorrect...

6.5CVSS5.5AI score0.0034EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:39 a.m.•4 views

CVE-2026-25971

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for circular references between two MSLs, leading to a stack overflow. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

9.8CVSS5.6AI score0.00208EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:35 a.m.•2 views

CVE-2026-25970

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a...

7.5CVSS5.9AI score0.00275EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:33 a.m.•6 views

CVE-2026-25969

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak exists in coders/ashlar.c. The WriteASHLARImage allocates a structure. However, when an exception is thrown, the allocated memory is not properly released,...

7.5CVSS5.5AI score0.0036EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:30 a.m.•1 views

CVE-2026-25968

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption. Versio...

9.8CVSS5.8AI score0.00272EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:29 a.m.•6 views

CVE-2026-25967

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a stack-based buffer overflow exists in the ImageMagick FTXT image reader. A crafted FTXT file can cause out-of-bounds writes on the stack, leading to a crash. Version 7.1.2-1...

7.5CVSS6AI score0.00319EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:27 a.m.•3 views

CVE-2026-25966

ImageMagick is free and open-source software used for editing and manipulating digital images. The shipped "secure" security policy includes a rule intended to prevent reading/writing from standard streams. However, ImageMagick also supports fd: pseudo-filenames e.g., fd:0, fd:1. Prior to version...

7.8CVSS5.6AI score0.00135EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:20 a.m.•3 views

CVE-2026-25965

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, ImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/ can be...

8.6CVSS5.6AI score0.00671EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:18 a.m.•5 views

CVE-2026-25898

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the UIL and XPM image encoder do not validate the pixel index value returned by GetPixelIndex before using it as an array subscript. In HDRI builds, Quantum is ...

9.1CVSS5.9AI score0.00348EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:16 a.m.•5 views

CVE-2026-25897

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, an Integer Overflow vulnerability exists in the sun decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out of bounds heap write. Versio...

9.8CVSS5.6AI score0.00302EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:5 a.m.•3 views

CVE-2026-25799

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resultin...

7.5CVSS5.5AI score0.00385EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:2 a.m.•3 views

CVE-2026-25798

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted imag...

7.5CVSS5.6AI score0.00429EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 1:1 a.m.•3 views

CVE-2026-25797

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...

5.7CVSS5.9AI score0.00161EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:57 a.m.•3 views

CVE-2026-25796

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in ReadSTEGANOImage coders/stegano.c, the watermark Image object is not freed on three early-return paths, resulting in a definite memory leak 13.5KB+ per...

7.5CVSS5.6AI score0.00376EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:54 a.m.•4 views

CVE-2026-25795

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, in ReadSFWImage coders/sfw.c, when temporary file creation fails, readinfo is destroyed before its filename member is accessed, causing a NULL pointer dereferen...

7.5CVSS5.5AI score0.00376EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:53 a.m.•8 views

CVE-2026-25794

ImageMagick is free and open-source software used for editing and manipulating digital images. WriteUHDRImage in coders/uhdr.c uses int arithmetic to compute the pixel buffer size. Prior to version 7.1.2-15, when image dimensions are large, the multiplication overflows 32-bit int, causing an...

8.2CVSS5.8AI score0.0042EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:49 a.m.•3 views

CVE-2026-25638

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, memory leak exists in coders/msl.c. In the WriteMSLImage function of the msl.c file, resources are allocated. But the function returns early without releasing...

5.3CVSS5.5AI score0.00325EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:48 a.m.•5 views

CVE-2026-25637

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-15, a memory leak in the ASHLAR image writer allows an attacker to exhaust process memory by providing a crafted image that results in small objects that are allocated but never...

5.3CVSS5.9AI score0.00384EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:38 a.m.•2 views

CVE-2026-25576

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larg...

5.5CVSS6AI score0.00181EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:34 a.m.•2 views

CVE-2026-24485

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, when a PCD file does not contain a valid Sync marker, the DecodeImage function becomes trapped in an infinite loop while searching for the Sync marker, causing...

7.5CVSS5.9AI score0.00449EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:31 a.m.•3 views

CVE-2026-24484

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, Magick fails to check for multi-layer nested mvg conversions to svg, leading to DoS. Versions 7.1.2-15 and 6.9.13-40 contain a patch...

5.3CVSS5.9AI score0.00401EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/24 12:29 a.m.•4 views

CVE-2026-24481

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, a heap information disclosure vulnerability exists in ImageMagick's PSD Adobe Photoshop format handler. When processing a maliciously crafted PSD file containin...

7.5CVSS5.5AI score0.00348EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/23 10:17 p.m.•6 views

CVE-2026-3063

Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. Chromium security severity: High...

8.8CVSS5.5AI score0.00184EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/23 10:17 p.m.•5 views

CVE-2026-3062

Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

9.8CVSS5.7AI score0.0034EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/23 10:17 p.m.•7 views

CVE-2026-3061

Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

9.1CVSS5.6AI score0.00305EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/23 7:43 p.m.•21 views

CVE-2026-27623

Valkey is a distributed key-value database. Starting in version 9.0.0 and prior to version 9.0.3, a malicious actor with network access to Valkey can cause the system to abort by triggering an assertion. When processing incoming requests, the Valkey system does not properly reset the networking...

7.5CVSS5.6AI score0.00353EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/23 7:41 p.m.•2 views

CVE-2026-21863

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious actor with access to the Valkey clusterbus port can send an invalid packet that may cause an out bound read, which might result in the system crashing. The Valkey clusterbus packet processin...

7.5CVSS5.8AI score0.00552EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/23 7:39 p.m.•3 views

CVE-2025-67733

Valkey is a distributed key-value database. Prior to versions 9.0.2, 8.1.6, 8.0.7, and 7.2.12, a malicious user can use scripting commands to inject arbitrary information into the response stream for the given client, potentially corrupting or returning tampered data to other users on the same...

8.5CVSS5.7AI score0.00586EPSS
Exploits0
alpinelinux
alpinelinux
•added 2026/02/23 12:0 a.m.•3 views

CVE-2025-61147

strukturag libde265 commit d9fea9d wa discovered to contain a segmentation fault via the component decodercontext::computeframedroptable...

6.2CVSS5.7AI score0.00159EPSS
Exploits1References3
alpinelinux
alpinelinux
•added 2026/02/21 2:32 p.m.•3 views

CVE-2026-2869

A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability is the function janetcvarset of the file src/core/specials.c of the component handleattr Handler. The manipulation leads to out-of-bounds read. The attack can only be performed from a local environment...

5.5CVSS4.2AI score0.0018EPSS
Exploits1References8
alpinelinux
alpinelinux
•added 2026/02/21 8:5 a.m.•6 views

CVE-2026-27470

ZoneMinder is a free, open source closed-circuit television software application. In versions 1.36.37 and below and 1.37.61 through 1.38.0, there is a second-order SQL Injection vulnerability in the web/ajax/status.php file within the getNearEvents function. Event field values specifically Name a...

8.8CVSS6.4AI score0.0048EPSS
Exploits2
alpinelinux
alpinelinux
•added 2026/02/21 5:15 a.m.•1 views

CVE-2026-27199

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safejoin function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that...

6.3CVSS5.8AI score0.00556EPSS
Exploits1
Total number of security vulnerabilities13035