Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2014-9804 vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to "too many object." | 7.5 | HIGH | β | 0 |
| CVE-2014-9805 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9806 ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9807 The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9808 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9809 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9810 The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9811 The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9812 ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9813 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9814 ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9815 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9816 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9817 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. | 7.8 | HIGH | β | 0 |
| CVE-2014-9818 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file. | 5.5 | MEDIUM | β | 0 |
| CVE-2014-9819 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. | 7.8 | HIGH | β | 0 |
| CVE-2014-9820 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. | 7.8 | HIGH | β | 0 |
| CVE-2017-6184 In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. | N/A | NONE | β | 0 |
| CVE-2014-9821 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. | 7.8 | HIGH | β | 0 |
| CVE-2014-9822 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. | 7.8 | HIGH | β | 0 |
| CVE-2014-9823 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819. | 7.8 | HIGH | β | 0 |
| CVE-2014-9824 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825. | 7.8 | HIGH | β | 0 |
| CVE-2017-7362 Pixie 1.0.4 allows an admin/index.php s=publish&m=dynamic&x= XSS attack. | N/A | NONE | β | 0 |
| CVE-2014-9825 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. | 7.8 | HIGH | β | 0 |
| CVE-2014-9826 ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files. | N/A | NONE | β | 0 |
| CVE-2017-5184 A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow leakage of information (account enumeration). | N/A | NONE | β | 0 |
| CVE-2017-5185 A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denial of service. | N/A | NONE | β | 0 |
| CVE-2017-6182 In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. | N/A | NONE | β | 0 |
| CVE-2017-7363 Pixie 1.0.4 allows an admin/index.php s=publish&m=module&x= XSS attack. | N/A | NONE | β | 0 |
| CVE-2017-6412 In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. | N/A | NONE | β | 0 |
| CVE-2017-7253 Dahua IP Camera devices 3.200.0001.6 can be exploited via these steps: 1. Use the default low-privilege credentials to list all users via a request to a certain URI. 2. Login to the IP camera with adm... | N/A | NONE | β | 0 |
| CVE-2017-7346 The vmw_gb_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.7 does not validate certain levels data, which allows local users to cause a denial... | N/A | NONE | β | 0 |
| CVE-2016-9319 There is Missing SSL Certificate Validation in the Trend Micro Enterprise Mobile Security Android Application before 9.7.1193, aka VRTS-398. | N/A | NONE | β | 0 |
| CVE-2017-2647 The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for... | N/A | NONE | β | 0 |
| CVE-2016-2192 PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for types they do not own. | 6.5 | MEDIUM | β | 0 |
| CVE-2017-6973 A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code through a crafted 'action' parameter. This... | N/A | NONE | β | 0 |
| CVE-2017-7241 A cross-site scripting (XSS) vulnerability in the MantisBT Move Attachments page (move_attachments_page.php, part of admin tools) allows remote attackers to inject arbitrary code through a crafted 'ty... | N/A | NONE | β | 0 |
| CVE-2017-7309 A cross-site scripting (XSS) vulnerability in the MantisBT Configuration Report page (adm_config_report.php) allows remote attackers to inject arbitrary code (if CSP settings permit it) through a craf... | N/A | NONE | β | 0 |
| CVE-2017-7359 Pixie 1.0.4 allows an admin/index.php s=login&m= XSS attack. | N/A | NONE | β | 0 |
| CVE-2017-7360 Pixie 1.0.4 allows an admin/index.php s=settings&x= XSS attack. | N/A | NONE | β | 0 |
| CVE-2017-7361 Pixie 1.0.4 allows an admin/index.php s=publish&m=static&x= XSS attack. | N/A | NONE | β | 0 |
| CVE-2008-7313 The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796. | N/A | NONE | β | 0 |
| CVE-2014-5008 Snoopy allows remote attackers to execute arbitrary commands. | N/A | NONE | β | 0 |
| CVE-2014-5009 Snoopy allows remote attackers to execute arbitrary commands. NOTE: this vulnerability exists due to an incomplete fix for CVE-2014-5008. | N/A | NONE | β | 0 |
| CVE-2015-4624 Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. | N/A | NONE | β | 0 |
| CVE-2016-6209 Cross-site scripting (XSS) vulnerability in Nagios. | N/A | NONE | β | 0 |
| CVE-2016-3066 The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard. | N/A | NONE | β | 0 |
| CVE-2017-3009 Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow vulnerability in the JPEG2000 parser. Successful exploitation ... | N/A | NONE | β | 0 |
| CVE-2017-3010 Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the rendering engine. Successful exploitati... | N/A | NONE | β | 0 |
| CVE-2016-6022 IBM Quality Manager (RQM) 4.0, 5.0, and 6.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended function... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.