CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

991 matches found

CNVD•added 2016/07/13 12:0 a.m.•1 views

Drupal Coder Remote Code Execution Vulnerability

Drupal is a free, open-source content management system developed in the PHP language maintained by the Drupal community; Coder is Drupal's encoder module. A remote code execution vulnerability exists in the Drupal Coder module. Because the module does not adequately validate user-entered script...

8.7AI score

Exploits0References1

Drupal•added 2016/07/13 12:0 a.m.•50 views

Coder - Highly Critical - Remote Code Execution - SA-CONTRIB-2016-039

The Coder module checks your Drupal code against coding standards and other best practices. It can also fix coding standard violations and perform basic upgrades on modules. The module doesn't sufficiently validate user inputs in a script file that has the php extension. A malicious unauthenticat...

7.9AI score

Exploits0References16

RedhatCVE•added 2016/06/20 10:18 a.m.•18 views

CVE-2016-5687

The VerticalFilter function in the DDS coder in ImageMagick before 6.9.4-3 and 7.x before 7.0.1-4 allows remote attackers to have unspecified impact via a crafted DDS file, which triggers an out-of-bounds read...

9.8CVSS7.2AI score0.00748EPSS

Exploits0References2

OSV•added 2016/05/05 6:59 p.m.•1 views

DEBIAN-CVE-2016-3718

The 1 HTTP and 2 FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery SSRF attacks via a crafted image...

5.5CVSS6.9AI score0.86935EPSS

Exploits4References1

OSV•added 2016/05/05 6:59 p.m.•1 views

DEBIAN-CVE-2016-3717

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image...

5.5CVSS5.3AI score0.40019EPSS

Exploits4References1

OSV•added 2016/05/05 6:59 p.m.•1 views

DEBIAN-CVE-2016-3716

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image...

3.3CVSS5.1AI score0.29873EPSS

Exploits5References1

NVD•added 2016/05/05 6:59 p.m.•20 views

CVE-2016-3716

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image...

4.3CVSS5.5AI score0.29873EPSS

Exploits5References18

OSV•added 2016/05/05 6:59 p.m.•1 views

DEBIAN-CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...

5.5CVSS6.9AI score0.89254EPSS

Exploits5References1

NVD•added 2016/05/05 6:59 p.m.•20 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...

5.8CVSS6.4AI score0.89254EPSS

Exploits5References21

OSV•added 2016/05/05 6:59 p.m.•6 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...

5.5CVSS8AI score0.89254EPSS

Exploits5References21

CVE•added 2016/05/05 6:0 p.m.•152 views

CVE-2016-3716

CVE-2016-3716 affects ImageMagick (MSL coder) and allowed a remote attacker to move uploaded files by processing a crafted image. Affected products include ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. Multiple coordinated advisories describe ImageTragick issues caused by lack of input sani...

4.3CVSS5.4AI score0.29873EPSS

Exploits5References18Affected Software1

CVE•added 2016/05/05 6:0 p.m.•1087 views

CVE-2016-3715

Summary: CVE-2016-3715 affects ImageMagick where the EPHEMERAL coder allows a remote attacker to delete arbitrary files via a crafted image. Affected versions are ImageMagick prior to 6.9.3-10 and 7.x prior to 7.0.1-1. Impact (per sources): Remote deletion of files via crafted images using the EP...

5.8CVSS6.3AI score0.89254EPSS

In wildExploits5References21Affected Software16

Cvelist•added 2016/05/05 6:0 p.m.•28 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...

6.5AI score0.89254EPSS

Exploits5References20

Vulnrichment•added 2016/05/05 6:0 p.m.•4 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...

6.8AI score0.89254EPSS

Exploits5References20

Cvelist•added 2016/05/05 6:0 p.m.•25 views

CVE-2016-3717

The LABEL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to read arbitrary files via a crafted image...

6.4AI score0.40019EPSS

Exploits4References19

Debian CVE•added 2016/05/05 6:0 p.m.•28 views

CVE-2016-3716

The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image...

4.3CVSS5.4AI score0.29873EPSS

Exploits5

Debian CVE•added 2016/05/05 6:0 p.m.•31 views

CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...

5.8CVSS6AI score0.89254EPSS

Exploits5

CVE•added 2016/05/05 6:0 p.m.•149 views

CVE-2016-3717

CVE-2016-3717 affects ImageMagick (LABEL coder) and allows reading local files via a crafted image. Affected: ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1. Mitigations documented include disabling vulnerable coders (EPHEMERAL, URL/HTTPS, MVG, MSL, etc.) via policy.xml and applying vendor-se...

7.1CVSS6.2AI score0.40019EPSS

Exploits4References19Affected Software1

OSV•added 2016/05/05 12:0 a.m.•1 views

UBUNTU-CVE-2016-3715

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image...

5.5CVSS6.5AI score0.89254EPSS

Exploits5References5