VulniPulse uses Google Ads measurement to understand visits from advertisements and campaign performance. It runs cookie-free until you choose — accepting enables cookies for more accurate attribution. Rejecting keeps it cookie-free and never limits the site.
See exactly what is measuredComplete feed
1111 advisories across 32 monitored vendors.
Magick.NET-Q16-OpenMP-arm64: Magick.NET-Q16-OpenMP-x64: Magick.NET-Q16-arm64: Magick.NET-Q16-x64: Magick.NET-Q16-x86: Magick.NET-Q16-HDRI-OpenMP-x64: Magick.NET-Q8-AnyCPU: Magick.NET-Q8-OpenMP-arm64: Magick.NET-Q8-OpenMP-x64: Magick.NET-Q8-arm64: Magick.NET-Q8-x64: Magick.NET-Q8-x86: ImageMagick: Denial of Service due to memory leak in PNG encoder when processing MNG images. Red Hat rates this low (CVSS 3.7). Weakness: CWE-401.
Magick.NET-Q16-arm64: Magick.NET-Q16-x86: Magick.NET-Q16-OpenMP-x64: Magick.NET-Q16-OpenMP-arm64: Magick.NET-Q16-OpenMP-x86: Magick.NET-Q16-HDRI-x64: Magick.NET-Q16-HDRI-arm64: Magick.NET-Q16-HDRI-x86: Magick.NET-Q16-HDRI-OpenMP-x64: Magick.NET-Q16-HDRI-OpenMP-arm64: Magick.NET-Q8-AnyCPU: Magick.NET-Q16-AnyCPU: Magick.NET-Q16-HDRI-AnyCPU: ImageMagick: Denial of Service via memory leak in OpenCL device profile XML parsing. Red Hat rates this low (CVSS 1.9). Weakness: CWE-401.
ImageMagick - Division by Zero in Binomial Kernel Processing. Red Hat rates this low (CVSS 3.3). Weakness: CWE-190.
Heap buffer overflow via incorrect morphology parameters. Red Hat rates this low (CVSS 3.3). Weakness: CWE-125.
Information disclosure via unvalidated JSONP callback parameter. Red Hat rates this low (CVSS 3.1). Weakness: CWE-79.
An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a remote attacker to create an account via the register function in inc/auth.php. NOTE: this is disputed by the Supplier because this is the intentional behavior when the product is configured for self-registration (a non-default feature). A flaw was found in DokuWiki. This occurs when the DokuWiki instance is configured to allow self-registration, which is not the default setting. This could lead to the creation of unauthorized user accounts. An attacker could create unauthorized user accounts if this non-default feature is enabled. Red Hat severity: Low — CVSS 3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). Weakness: CWE-306.
@anthropic-ai/claude-code: Claude Code: Arbitrary code execution through git directory confusion. Red Hat rates this important (CVSS 7.1). Weakness: CWE-59.
Security policy bypass due to improper Unicode hostname canonicalization. Red Hat rates this important (CVSS 7.5). Weakness: CWE-551.
Symlink traversal privilege escalation via libacl functions. Red Hat rates this important (CVSS 7.1). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:34351 with package acl-main-2.4.0-0.1.hum1.
Command Injection vulnerability in the JavaDoc hover provider of the vscode-java extension. Red Hat rates this important (CVSS 8.8). Weakness: CWE-88. Red Hat lists fixing advisory RHSA-2026:36820 with package devspaces/pluginregistry-rhel9:1782989367.
Improper Authorization Allows Security Constraint Bypass. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-551.
Replay attack via improper authentication in EncryptionInterceptor. Red Hat rates this moderate (CVSS 4.2). Weakness: CWE-294. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Incorrect control flow in rewrite valve allows unexpected rule processing. Red Hat rates this moderate (CVSS 6.5). Weakness: CWE-358. Red Hat lists fixing advisory RHSA-2026:29203 with package tomcat11-main-11.0.23-0.1.hum1, tomcat10-main-10.1.56-1.hum1.
Cross-Site Scripting vulnerability in number guess example. Red Hat rates this moderate (CVSS 5.4). Weakness: CWE-79. Red Hat lists fixing advisory RHSA-2026:32960 with package tomcat11-main-11.0.23-0.1.hum1.
@anthropic-ai/claude-code: Claude Code: Information disclosure and file overwrite via insecure temporary file in /copy command. Red Hat rates this moderate (CVSS 6.8). Weakness: CWE-59.
Arbitrary code execution in xmlcatalog utility via buffer overflow. Red Hat rates this moderate (CVSS 4.8). Weakness: CWE-120. Red Hat lists fixing advisory RHSA-2026:33840 with package libxml2-main-2.15.3-0.1.1.hum1.
TOCTOU Symlink Traversal via getfacl/setfacl. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-367. Red Hat lists fixing advisory RHSA-2026:34351 with package acl-main-2.4.0-0.1.hum1.
Symlink Traversal Privilege Escalation via getfattr and setfattr. Red Hat rates this moderate (CVSS 6.3). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:34889 with package attr-main-2.6.0-9.1.hum1.
Arbitrary file overwrite via insecure temporary file handling in gzexe utility. Red Hat rates this moderate (CVSS 6). Weakness: CWE-59. Red Hat lists fixing advisory RHSA-2026:33771 with package gzip-main-1.14-2.2.hum1.
In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agp_amd64_probe() A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment (e.g. qemu/kvm) without a physical AMD northbridge. The crash occurs in amd64_fetch_size() when attempting to dereference the pointer returned by node_to_amd_nb(0). The root cause of this crash is broken error propagation in agp_amd64_probe(): When no AMD northbridges are found, cache_nbs() correctly returns -ENODEV. However, the probe function erroneously checks the return value against exactly -1, rather than < 0. As a result, the hardware absence error is masked, allowing the driver to improperly proceed with initialization. It eventually calls agp_add_bridge(), which invokes amd64_fetch_size(). Since the hardware does not exist, node_to_amd_nb(0) returns NULL, leading to a General Protection Fault (GPF) when accessing its ->misc member. Fix the issue by correcting the error check in agp_amd64_probe() to abort properly when cache_nbs() returns any negative error code. This prevents the driver from erroneously proceeding without hardware, thereby avoiding the subsequent NULL pointer dereference at its source. This vulnerability occurs in virtualized environments lacking a physical AMD northbridge.