|
1061
|
5.5 |
MEDIUM
Local
|
-
|
-
|
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could trigger an overflow when a user opens it in…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-42050
|
2026-05-12 05:25 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1062
|
6.2 |
MEDIUM
Local
|
-
|
-
|
OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to version 3.1.3, OpenMcdf does not detect cycles in the directory …
Update
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-41511
|
2026-05-12 05:25 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1063
|
9.8 |
CRITICAL
Network
|
-
|
-
|
RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to c…
Update
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2025-69599
|
2026-05-12 05:25 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1064
|
9.8 |
CRITICAL
Network
|
-
|
-
|
1C-Bitrix through 25.100.500 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess fil…
Update
|
CWE-94
Code Injection
|
CVE-2025-67887
|
2026-05-12 05:25 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1065
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: validate user queue size constraints
Add validation to ensure user queue sizes meet hardware requirements:
- Size mus…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43195
|
2026-05-12 05:21 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1066
|
7.5 |
HIGH
Network
|
-
|
-
|
Alkacon OpenCms before 16 allows XXE when the <!DOCTYPE> refers to an external host.
Update
|
CWE-611
XXE
|
CVE-2023-42346
|
2026-05-12 05:20 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1067
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
APEI/GHES: ARM processor Error: don't go past allocated memory
If the BIOS generates a very small ARM Processor Error, or
an inco…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43201
|
2026-05-12 05:20 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1068
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query
Fix a "scheduling while atomic" bug in mlx5e_ipsec_init_macs(…
Update
|
NVD-CWE-noinfo
|
CVE-2026-43199
|
2026-05-12 05:12 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1069
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
tcp: fix potential race in tcp_v6_syn_recv_sock()
Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()
is done…
Update
|
CWE-362
Race Condition
|
CVE-2026-43198
|
2026-05-12 05:12 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1070
|
9.1 |
CRITICAL
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netconsole: avoid OOB reads, msg is not nul-terminated
msg passed to netconsole from the console subsystem is not guaranteed
to b…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-43197
|
2026-05-12 05:11 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
