Lucene search
+L

35936 matches found

snyk
snyk
added 2026/07/01 7:25 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.3 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.3 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.3 views

Integer Overflow or Wraparound

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.3 views

Integer Overflow or Wraparound

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.3 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.4 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.5 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the XCF decoder when processing crafted image files. An attacker can cause a crash or read sensitive memory contents by supplying a specially crafted image file. Remediation A fix was pushed into the...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.3 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.5 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:25 p.m.3 views

Integer Overflow or Wraparound

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.8CVSS6AI score0.0022EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-HDRI-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.4 views

External Control of File Name or Path

Overview Magick.NET-Q16-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.5 views

External Control of File Name or Path

Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.5 views

External Control of File Name or Path

Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.4 views

External Control of File Name or Path

Overview Magick.NET-Q16-HDRI-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package a...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.5 views

External Control of File Name or Path

Overview Affected versions of this package are vulnerable to External Control of File Name or Path via the -concatenate operation due to missing policy checks. An attacker can access or modify files outside of intended directories by leveraging this operation to bypass security policies...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.4 views

External Control of File Name or Path

Overview Magick.NET-Q16-HDRI-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.4 views

External Control of File Name or Path

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.4 views

External Control of File Name or Path

Overview Magick.NET-Q8-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-HDRI-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.3 views

External Control of File Name or Path

Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...

8.5CVSS6AI score0.00098EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.5 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Compose.php process. An attacker can access arbitrary files on the server by crafting image source URLs containing traversal sequences after a valid CKEditor path prefix, which bypasses prefix validation and...

7.1CVSS6.5AI score0.00379EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.6 views

Improper Encoding or Escaping of Output

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output via improper output neutralization for logs. An attacker can manipulate log entries by...

8CVSS6AI score0.00201EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview org.elasticsearch:elasticsearch is a Distributed, RESTful Search Engine. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the bulk request processing. An attacker can exhaust system resources and cause service disruption by...

7.1CVSS6AI score0.00251EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.9 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of enforced limits in the HPackDecoder process. An attacker can exhaust system memory by sending oversized compressed header blocks before the HTTP/2 SETTINGS...

7.5CVSS6.1AI score0.00587EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:24 p.m.4 views

Directory Traversal

Overview github.com/hashicorp/vault/vault is a tool for securely accessing secrets. Affected versions of this package are vulnerable to Directory Traversal in the audit device validation logic when the legacy file audit path option is enabled. An attacker can access unauthorized directories by...

5.9CVSS6.6AI score0.00278EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:1 p.m.6 views

Unprotected Alternate Channel

Overview repomix is an A tool to pack repository contents to single file for AI consumption Affected versions of this package are vulnerable to Unprotected Alternate Channel through the attachpackedoutput process. An attacker can access sensitive information from arbitrary local .json, .txt, .md,...

6.9CVSS6AI score0.00169EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 7:0 p.m.6 views

Arbitrary Argument Injection

Overview repomix is an A tool to pack repository contents to single file for AI consumption Affected versions of this package are vulnerable to Arbitrary Argument Injection via unsanitized input to the remoteBranch parameter in the execGitShallowClone process. An attacker can execute arbitrary...

8.8CVSS6.2AI score0.00697EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 6:57 p.m.8 views

Timing Attack

Overview pay is a package for processing payments in Ruby on Rails apps Affected versions of this package are vulnerable to Timing Attack via the validsignature? function. An attacker can recover valid webhook signatures by sending multiple requests with crafted Paddle-Signature header values and...

9.1CVSS6AI score
Exploits0References2
snyk
snyk
added 2026/07/01 6:55 p.m.4 views

Incorrect Authorization

Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization in the checkSecurity process. An attacker can execute unauthorized filters, tags, or functions by manipulating the sandbox state between render...

8.7CVSS6AI score0.00414EPSS
Exploits0References3
snyk
snyk
added 2026/07/01 6:47 p.m.6 views

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the UnmarshalJSON function when processing attacker-controlled short ciphertexts. An attacker can cause the server to panic and disrupt service by submitting a specially crafted JSON payload with a...

5.3CVSS6AI score
Exploits0References2
snyk
snyk
added 2026/07/01 6:41 p.m.4 views

Unsafe Dependency Resolution

Overview neuro-cortex-memory is a Scientifically-grounded memory system based on computational neuroscience research Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the CLAUDEPROJECTDIR environment variable, which is treated as a trusted source directory witho...

8.5CVSS6.2AI score
Exploits0References2
snyk
snyk
added 2026/07/01 6:19 p.m.7 views

Cross-site Scripting (XSS)

Overview wetty is a WeTTY = Web + TTY. Terminal access in browser over http/https Affected versions of this package are vulnerable to Cross-site Scripting XSS via the onCompleteFile process. An attacker can execute arbitrary JavaScript in the context of the user's browser and inject keystrokes in...

8.6CVSS5.8AI score
Exploits0References2
snyk
snyk
added 2026/07/01 6:19 p.m.6 views

External Control of File Name or Path

Overview keras is a Keras is a high-level neural networks API for Python.. Affected versions of this package are vulnerable to External Control of File Name or Path via the H5IOStore.verifydataset function and the fileeditor.py process. An attacker can access arbitrary files on the filesystem by...

6.8CVSS6.3AI score0.00127EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 6:19 p.m.8 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the HTTP/1.1 message parsing process. An attacker can exhaust system memory by sending messages with an excessive number of headers or excessively long headers. Remediation Upgrad...

7.5CVSS6AI score0.00587EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 6:19 p.m.5 views

Allocation of Resources Without Limits or Throttling

Overview org.elasticsearch:elasticsearch is a Distributed, RESTful Search Engine. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the machine learning request process. An attacker can exhaust system memory and render the affected node...

6.9CVSS6AI score0.00324EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 6:19 p.m.2 views

Insertion of Sensitive Information into Log File

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the APM instrumentation. An attacker can obtain sensitive information by...

5.9CVSS6AI score0.00211EPSS
Exploits0References2
snyk
snyk
added 2026/07/01 6:18 p.m.3 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the upload endpoint. An attacker can exhaust system memory by submitting specially crafted requests, potentially causing the service to become unavailable. Remediation Upgrade...

7.5CVSS6AI score0.00312EPSS
Exploits0References2
Total number of security vulnerabilities35936