Exploit Database

145,600 exploits tracked across all sources.

Sort: Activity Stars
CVE-2016-10050 WRITEUP HIGH
ImageMagick 6.9.4-8 - Buffer Overflow
Heap-based buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.9.4-8 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVSS 7.8
CVE-2016-10049 WRITEUP HIGH
ImageMagick <6.9.4.4 - Buffer Overflow
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick before 6.9.4-4 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted RLE file.
CVSS 7.8
CVE-2015-8959 WRITEUP MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted DDS File
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
CVSS 6.5
CVE-2015-8959 WRITEUP MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted DDS File
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
CVSS 6.5
CVE-2015-8958 WRITEUP MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted SUN File
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
CVSS 6.5
CVE-2015-8958 WRITEUP MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted SUN File
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
CVSS 6.5
CVE-2015-8958 WRITEUP MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted SUN File
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
CVSS 6.5
CVE-2015-8957 WRITEUP MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted SUN File
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
CVSS 6.5
CVE-2015-8957 WRITEUP MEDIUM
ImageMagick < 6.9.0-3 - Denial of Service via Crafted SUN File
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
CVSS 6.5
CVE-2015-8898 WRITEUP MEDIUM
ImageMagick < 6.9.2-3 - Denial of Service via Crafted Image File
The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image file.
CVSS 5.5
CVE-2014-9907 WRITEUP MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Crafted DDS File
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.
CVSS 6.5
CVE-2014-9907 WRITEUP MEDIUM
ImageMagick < 6.9.4-0 - Denial of Service via Crafted DDS File
coders/dds.c in ImageMagick allows remote attackers to cause a denial of service via a crafted DDS file.
CVSS 6.5
CVE-2016-5689 WRITEUP CRITICAL
ImageMagick <6.9.4.5, <7.0.1.7 - Info Disclosure
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of NULL pointer checks.
CVSS 9.8
CVE-2016-5690 WRITEUP CRITICAL
ImageMagick <6.9.4.5, <7.0.1.7 - Remote Code Execution
The ReadDCMImage function in DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact via vectors involving the for statement in computing the pixel scaling table.
CVSS 9.8
CVE-2016-5691 WRITEUP CRITICAL
ImageMagick <6.9.4.5 & <7.0.1.7 - Info Disclosure
The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to have unspecified impact by leveraging lack of validation of (1) pixel.red, (2) pixel.green, and (3) pixel.blue.
CVSS 9.8
CVE-2016-5696 WRITEUP MEDIUM
Linux kernel <4.7 - RCE
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
CVSS 4.8
CVE-2016-5705 WRITEUP MEDIUM
phpMyAdmin 4.4.x-4.6.3 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) server-privileges certificate data fields on the user privileges page, (2) an "invalid JSON" error message in the error console, (3) a database name in the central columns implementation, (4) a group name, or (5) a search name in the bookmarks implementation.
CVSS 6.1
CVE-2016-5730 WRITEUP MEDIUM
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - Info Disclosure
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving (1) an array value to FormDisplay.php, (2) incorrect data to validate.php, (3) unexpected data to Validator.php, (4) a missing config directory during setup, or (5) an incorrect OpenID identifier data type, which reveals the full path in an error message.
CVSS 5.3
CVE-2016-5731 WRITEUP MEDIUM
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - XSS
Cross-site scripting (XSS) vulnerability in examples/openid.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via vectors involving an OpenID error message.
CVSS 6.1
CVE-2016-5732 WRITEUP MEDIUM
phpMyAdmin 4.6.0-4.6.3 - Cross-Site Scripting via Partition Range Table Parameters
Multiple cross-site scripting (XSS) vulnerabilities in the partition-range implementation in templates/table/structure/display_partitions.phtml in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via crafted table parameters.
CVSS 6.1
CVE-2016-5733 WRITEUP MEDIUM
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a crafted table name that is mishandled during privilege checking in table_row.phtml, (2) a crafted mysqld log_bin directive that is mishandled in log_selector.phtml, (3) the Transformation implementation, (4) AJAX error handling in js/ajax.js, (5) the Designer implementation, (6) the charts implementation in js/tbl_chart.js, or (7) the zoom-search implementation in rows_zoom.phtml.
CVSS 6.1
CVE-2016-5734 WRITEUP CRITICAL
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - RCE
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table search-and-replace implementation.
CVSS 9.8
CVE-2016-5739 WRITEUP HIGH
phpMyAdmin <4.0.10.16, <4.4.15.7, <4.6.3 - CSRF
The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy (CSP) protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication token in a Referer header, related to libraries/Header.php.
CVSS 7.5
CVE-2016-5842 WRITEUP HIGH
ImageMagick <7.0.2-1 - Info Disclosure
MagickCore/property.c in ImageMagick before 7.0.2-1 allows remote attackers to obtain sensitive memory information via vectors involving the q variable, which triggers an out-of-bounds read.
CVSS 7.5
CVE-2016-5843 WRITEUP CRITICAL
FAQ package <2.3.6, <4.0.5, <5.0.5 - SQL Injection
Multiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
CVSS 9.4