|
701
|
5.5 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation has an out of bounds read when an s…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-33905
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
702
|
7.5 |
HIGH
Network
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the `DestroyX…
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-33908
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
703
|
6.2 |
MEDIUM
Local
|
-
|
-
|
jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath(), and delpaths_sorted() in jq's src/jv_aux.c use unbounded recursion whose depth is controlled by…
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-33947
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
704
|
5.1 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow in the despeckle operation causes a h…
|
CWE-190
CWE-787
Integer Overflow or Wraparound
Out-of-bounds Write
|
CVE-2026-34238
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
705
|
6.2 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in an out of bounds heap write when writing a y…
|
CWE-122
CWE-787
Heap-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-40169
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
706
|
5.5 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has an heap write overflow when a user specifies that the im…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-40183
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
707
|
5.5 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds write in the JP2 encoder with w…
|
CWE-122
CWE-787
Heap-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-40310
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
708
|
5.5 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability that can cause a crash…
|
CWE-416
CWE-693
Use After Free
Protection Mechanism Failure
|
CVE-2026-40311
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
709
|
6.2 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off by one error in the MSL decoder could result in a crash when a malico…
|
CWE-193
Off-by-one Error
|
CVE-2026-40312
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
710
|
6.1 |
MEDIUM
Local
|
-
|
-
|
jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes its arguments directly to jv_string_indexes() with…
|
CWE-125
CWE-476
CWE-843
Out-of-bounds Read
NULL Pointer Dereference
Type Confusion
|
CVE-2026-39956
|
2026-04-18 00:26 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
