CVE-2016-2222
The wp_http_validate_url function in wp-includes/http.php in WordPress before 4.4.2 allows remote attackers to conduct server-side request forgery (SSRF) attacks via a zero value in the first octet of an IPv4 address in the u parameter to wp-admin/press-this.php...
Updated imagemagick/ruby-rmagic packages fix security vulnerability
It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities,...
Amazon Linux AMI : ImageMagick (ALAS-2016-699) (ImageTragick)
It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities,...
WordPress < 4.5.2 Multiple Vulnerabilities (ImageTragick)
According to its self-reported version number, the WordPress application running on the remote web server is prior to 4.5.2. It is, therefore, affected by the following vulnerabilities : - A remote code execution vulnerability, known as ImageTragick, exists in the ImageMagick library due to a...
SUSE-SU-2016:1275-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: Security issues fixed: - Several coders were vulnerable to remote code execution attacks, these coders have now been disabled. They can be re-enabled by exporting the following environment variable...
SUSE-SU-2016:1276-1 Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: - Security update: Remote Code Execution / Local File read (bsc#978061) CVE-2016-3714, CVE-2016-3715, CVE-2016-3717, CVE-2016-3718 - CVE-2016-3714: Insufficient shell characters filtering leads to potentially remote code execution -...
Important: ImageMagick
Issue Overview: It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagi...
CentOS 6 / 7 : ImageMagick (CESA-2016:0726) (ImageTragick)
An update for ImageMagick is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
RHEL 6 / 7 : ImageMagick (RHSA-2016:0726) (ImageTragick)
An update for ImageMagick is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...
Scientific Linux Security Update : ImageMagick on SL6.x, SL7.x i386/x86_64 (20160509) (ImageTragick)
Security Fixes : - It was discovered that ImageMagick did not properly sanitize certain input before passing it to the delegate functionality. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the...
RedHat Update for ImageMagick RHSA-2016:0726-01
The remote host is missing an update for the...
CentOS Update for ImageMagick CESA-2016:0726 centos7
Check the version of ImageMagick...
Dropbox: Dropbox apps Server side request forgery
Hi, SSRF is a vulnerability that appears when an attacker has the ability to create requests from the vulnerable server. Usually, Server Side Request Forgery (SSRF) attacks target internal systems behind the firewall that are normally inaccessible from the outside world but using SSRF it’s possible...
ImageMagick Studio ImageMagick Server-Side Request Forgery Vulnerability
ImageMagick is a set of open source image processing software from ImageMagick Studio in the United States. A server-side request forgery vulnerability exists in the HTTP and FTP encoders of ImageMagick, which allows remote attackers to construct malicious URIs, trick users into parsin...
Cisco Finesse Server-Side Request Forgery Vulnerability
Cisco Finesse is a set of call center management software from the U.S. company Cisco. The software enhances call center service quality, improves customer experience, and increases agent satisfaction. A server-side request forgery vulnerability exists in Cisco Finesse, which stems from the...
Server side request forgery (ssrf)
The gadgets-integration API in Cisco Finesse 8.51 through 8.55, 8.61, 9.01, 9.02, 9.11, 9.11SU1, 9.11SU1.1, 9.11ES1 through 9.11ES5, 10.01, 10.01SU1, 10.01SU1.1, 10.51, 10.51ES1 through 10.51ES4, 10.51SU1, 10.51SU1.1, 10.51SU1.7, 10.61, 10.61SU1, 10.61SU2, and 11.01 allows remote attackers to...
CVE-2016-1373
The gadgets-integration API in Cisco Finesse 8.51 through 8.55, 8.61, 9.01, 9.02, 9.11, 9.11SU1, 9.11SU1.1, 9.11ES1 through 9.11ES5, 10.01, 10.01SU1, 10.01SU1.1, 10.51, 10.51ES1 through 10.51ES4, 10.51SU1, 10.51SU1.1, 10.51SU1.7, 10.61, 10.61SU1, 10.61SU2, and 11.01 allows remote attackers to...
CVE-2016-3718
A server-side request forgery flaw was discovered in the way ImageMagick processed certain images. A remote attacker could exploit this flaw to mislead an application using ImageMagick or an unsuspecting user using the ImageMagick utilities into, for example, performing HTTPS requests or opening...
Mail.ru: SSRF on element.mail.ru
Server Side Request Forgery in out-of-scope partner project outside of company's network...