Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9818 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file. | |||||
| CVE-2014-9817 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. | |||||
| CVE-2016-6807 | 1 Apache | 1 Ambari | 2017-04-04 | 7.5 HIGH | 9.8 CRITICAL |
| Custom commands may be executed on Ambari Agent (2.4.x, before 2.4.2) hosts without authorization, leading to unauthorized access to operations that may affect the underlying system. Such operations are invoked by the Ambari Agent process on Ambari Agent hosts, as the user executing the Ambari Agent process. | |||||
| CVE-2014-9816 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. | |||||
| CVE-2014-9813 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. | |||||
| CVE-2014-9814 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file. | |||||
| CVE-2016-10306 | 1 Trango | 4 A600-19-us, A600-25-us, A600-ext-us and 1 more | 2017-04-04 | 10.0 HIGH | 9.8 CRITICAL |
| Trango Altum AC600 devices have a built-in, hidden root account, with a default password of abcd1234. This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded UNIX OS on the device, allowing full control over it. | |||||
| CVE-2016-10308 | 1 Siklu | 7 Etherhaul-5500fd, Etherhaul 500tx, Etherhaul 60ghz V-band Radio and 4 more | 2017-04-04 | 10.0 HIGH | 9.8 CRITICAL |
| Siklu EtherHaul radios before 3.7.1 and 6.x before 6.9.0 have a built-in, hidden root account, with an unchangeable password that is the same across all devices. This account is accessible via both SSH and the device's web interface and grants access to the underlying embedded Linux OS on the device, allowing full control over it. | |||||
| CVE-2014-9815 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. | |||||
| CVE-2014-9811 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. | |||||
| CVE-2014-9812 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. | |||||
| CVE-2014-9809 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. | |||||
| CVE-2014-9810 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. | |||||
| CVE-2014-9807 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. | |||||
| CVE-2014-9808 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. | |||||
| CVE-2014-9806 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file. | |||||
| CVE-2014-9805 | 1 Imagemagick | 1 Imagemagick | 2017-04-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. | |||||
| CVE-2017-6184 | 1 Sophos | 1 Web Appliance | 2017-04-04 | 6.5 MEDIUM | 4.7 MEDIUM |
| In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. | |||||
| CVE-2017-6183 | 1 Sophos | 1 Web Appliance | 2017-04-04 | 6.5 MEDIUM | 7.2 HIGH |
| In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. | |||||
| CVE-2015-0864 | 1 Samsung | 2 Galaxy App, Samsung Account App | 2017-04-04 | 7.9 HIGH | 8.0 HIGH |
| Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | |||||