Lucene search
+L
SnykMost viewed

35936 matches found

snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

6.2CVSS5.9AI score0.00116EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

6.2CVSS5.9AI score0.00116EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the JP2 encoder. An attacker can cause a single-byte heap buffer overwrite by specifying certain options. Remediation A fix was pushed into the master branch but not yet published. References - GitHub Advisory -...

6.2CVSS5.9AI score0.00116EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion in the fx operation. An attacker can cause a denial of service by supplying a specially crafted argument that triggers a stack overflow. Remediation A fix was pushed into the master branch but not yet published...

6.9CVSS5.8AI score0.0012EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Uncontrolled Recursion

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

6.9CVSS5.8AI score0.0012EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Use After Free

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Use After Free

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Use After Free

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Infinite loop

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.01849EPSS
Exploits4References2
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Infinite loop

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.01849EPSS
Exploits4References2
snyk
snyk
added 2026/05/18 8:37 p.m.12 views

Infinite loop

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

8.7CVSS5.8AI score0.01849EPSS
Exploits4References2
snyk
snyk
added 2026/05/18 8:36 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:36 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:36 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:36 p.m.12 views

Out-of-bounds Write

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.7CVSS5.8AI score0.00441EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:33 p.m.12 views

Uncontrolled Recursion

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:33 p.m.12 views

Uncontrolled Recursion

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:33 p.m.12 views

Uncontrolled Recursion

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

7.5CVSS5.8AI score0.00441EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:33 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:33 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 8:33 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 7:10 p.m.12 views

Infinite loop

Overview Microsoft.AspNetCore.App.Runtime.linux-musl-arm64 is a package providing a default set of APIs for building an ASP.NET Core application. Contains assets used for self-contained deployments. Affected versions of this package are vulnerable to Infinite loop in the...

8.7CVSS5.8AI score0.0243EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:53 p.m.12 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

7.5CVSS5.8AI score0.00495EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:53 p.m.12 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

7.5CVSS5.8AI score0.00495EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:53 p.m.12 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

7.5CVSS5.8AI score0.00495EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:48 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 5:48 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 5:48 p.m.12 views

Improper Validation of Array Index

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

7.1CVSS5.9AI score0.00122EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 5:44 p.m.12 views

Incorrect Authorization

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Incorrect Authorization through the row action trigger process. An attacker can gain unauthorized access to data and perform actions on database rows outside their permitted scope by supplying a...

5.4CVSS5.8AI score0.00146EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:40 p.m.12 views

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:multiparty is a multipart/form-data parser which supports streaming Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the Content-Disposition filename parameter parsing. An attacker can cause excessive resource consumption...

8.7CVSS5.8AI score0.00335EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 5:35 p.m.12 views

Uncaught Exception

Overview org.webjars.npm:multiparty is a multipart/form-data parser which supports streaming Affected versions of this package are vulnerable to Uncaught Exception through the parsing of multipart/form-data requests containing field names that collide with inherited Object.prototype properties. A...

8.7CVSS5.8AI score0.00473EPSS
Exploits1References2
snyk
snyk
added 2026/05/18 5:27 p.m.12 views

Use of a Broken or Risky Cryptographic Algorithm

Overview sulu/sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Affected versions of this package are vulnerable to Use of a Broken or Risky Cryptographic Algorithm due to the use of a weak cryptographical hash algorithm in the User.php and...

6.9CVSS5.8AI score0.00193EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 3:31 p.m.12 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 3:31 p.m.12 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 3:31 p.m.12 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 3:31 p.m.12 views

Integer Underflow (Wrap or Wraparound)

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

5.1CVSS5.8AI score0.0012EPSS
Exploits0References3
snyk
snyk
added 2026/05/18 12:31 p.m.12 views

Deserialization of Untrusted Data

Overview sglang is a SGLang is a fast serving framework for large language models and vision language models. Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the --enable-custom-logit-processor option, which allows untrusted Python objects to be...

9.8CVSS6.1AI score0.00585EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 11:47 a.m.12 views

Insufficiently Protected Credentials

Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the Slack import process. An attacker can gain unauthorized access to user accounts by obtaining disclosed passwords and impersonating users. Remediation Upgrade...

8.5CVSS5.8AI score0.00231EPSS
Exploits0References2
snyk
snyk
added 2026/05/18 1:32 a.m.12 views

Server-side Request Forgery (SSRF)

Overview ai is an AI SDK by Vercel - The AI Toolkit for TypeScript and JavaScript Affected versions of this package are vulnerable to Server-side Request Forgery SSRF due to the order of operations in the validateDownloadUrl implementation in download-blob.ts and download.ts. The fetch operation...

7.5CVSS7.2AI score0.00385EPSS
Exploits1References2
snyk
snyk
added 2026/05/17 9:0 p.m.12 views

Malicious Package

Overview axois-utils is a malicious package. This package contains malicious code that includes infostealer malware, one of which is a Shai-Hulud clone following the TeamPCP open source release, and one DDoS botnet package. While this package might be attempting to impersonate a valid organizatio...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/16 12:0 a.m.12 views

Improper Isolation or Compartmentalization

Overview @boxlite-ai/boxlite is a BoxLite - Embeddable micro-VM runtime for secure, isolated code execution Affected versions of this package are vulnerable to Improper Isolation or Compartmentalization in the mounting of host directories in read-only mode into VM. An attacker can gain unauthoriz...

10CVSS5.9AI score0.00289EPSS
Exploits0References2
snyk
snyk
added 2026/05/16 12:0 a.m.12 views

Symlink Attack

Overview boxlite is a Python bindings for Boxlite runtime Affected versions of this package are vulnerable to Symlink Attack via improper path resolution during extraction of OCI image layer tarballs. An attacker can write arbitrary files to locations outside the intended extraction root by...

9.6CVSS5.9AI score0.00482EPSS
Exploits0References2
snyk
snyk
added 2026/05/15 5:47 p.m.12 views

Server-side Request Forgery (SSRF)

Overview @budibase/server is a Budibase Web Server Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the processUrlFile function. An attacker can access internal network resources and sensitive cloud metadata by supplying crafted URLs that target internal or...

7.7CVSS5.8AI score0.00258EPSS
Exploits0References2
snyk
snyk
added 2026/05/15 10:43 a.m.12 views

Malicious Package

Overview browser-interaction-time-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/15 10:40 a.m.12 views

Malicious Package

Overview agents-a365-runtime is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/15 10:40 a.m.12 views

Malicious Package

Overview apple-internal-pki-trust is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/15 8:46 a.m.12 views

Malicious Package

Overview ms-graph-types is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/15 8:46 a.m.12 views

Malicious Package

Overview microsoft-applicationinsights-common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization a...

9.8CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/05/14 8:46 p.m.12 views

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the regConfig parameter in full-text search APIs. An attacker can execute arbitrary SQL commands by supplying crafted input to the regConfig parameter, which is interpolated directly into SQL statements without...

9.8CVSS6.1AI score0.00375EPSS
Exploits0References2
snyk
snyk
added 2026/05/14 8:27 p.m.12 views

Cross-site Scripting (XSS)

Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Cross-site Scripting XSS via the profileimageurl process. An attacker can execute arbitrary JavaScript in the context of another authenticated user's session by crafting a malicious SVG image as their OAuth...

8.5CVSS5.8AI score
Exploits0References2
Total number of security vulnerabilities5000