CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5483 matches found

Metasploit•added 2016/05/05 7:18 p.m.•69 views

ImageMagick Delegate Arbitrary Command Execution

This module exploits a shell command injection in the way "delegates" commands for converting files are processed in ImageMagick versions 'ImageMagick Delegate Arbitrary Command Execution', 'Description' = %q This module exploits a shell command injection in the way "delegates" commands for...

7.5AI score

Exploits0

0day.today•added 2016/05/04 12:0 a.m.•330 views

ImageMagick 6.9.3-9 / 7.0.1-0 - Multiple Vulnerabilities (ImageTragick)

Exploit for multiple platform in category dos / poc Nikolay Ermishkin from the Mail.Ru Security Team discovered several vulnerabilities in ImageMagick. We've reported these issues to developers of ImageMagick and they made a fix for RCE in sources and released new version 6.9.3-9 released...

10CVSS7.1AI score0.93622EPSS

Exploits13

Tenable Nessus•added 2016/04/07 12:0 a.m.•22 views

openSUSE Security Update : ghostscript (openSUSE-2016-427)

ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed : - CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact...

6.8CVSS7.8AI score0.00967EPSS

Exploits0References3

Tenable Nessus•added 2016/03/25 12:0 a.m.•22 views

SUSE SLED12 / SLES12 Security Update : ghostscript (SUSE-SU-2016:0884-1)

6.8CVSS7.8AI score0.00967EPSS

Exploits0References5

OSV•added 2016/03/24 11:41 a.m.•4 views

SUSE-SU-2016:0884-1 Security update for ghostscript

ghostscript was updated to fix one security issue and one bug. The following vulnerability was fixed: CVE-2015-3228: Specially crafted ps files could have caused an out of bound read/write due to an integer overflow, causing a segfault in the application or having unspecified further impact. Also...

6.8CVSS9.3AI score0.00967EPSS

Exploits0References4

RedhatCVE•added 2015/10/30 10:23 a.m.•20 views

CVE-2009-4270

Stack-based buffer overflow in the errprintf function in base/gsmisc.c in ghostscript 8.64 through 8.70 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PDF file, as originally reported for debug logging code in gdevcups.c in the CUPS...

9.3CVSS8.7AI score0.0864EPSS

Exploits2References3

OpenVAS•added 2015/10/15 12:0 a.m.•17 views

Mageia: Security Advisory (MGASA-2015-0308)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS9.5AI score0.00967EPSS

Exploits0References4

OpenVAS•added 2015/10/08 12:0 a.m.•16 views

Oracle: Security Advisory (ELSA-2008-0155)

6.8CVSS6.4AI score0.15307EPSS

Exploits1References2

OpenVAS•added 2015/10/08 12:0 a.m.•19 views

Oracle: Security Advisory (ELSA-2009-0345)

9.3CVSS7.9AI score0.08952EPSS

Exploits1References2

OpenVAS•added 2015/10/08 12:0 a.m.•21 views

Oracle: Security Advisory (ELSA-2009-0421)

9.3CVSS7.8AI score0.09527EPSS

Exploits4References2

OpenVAS•added 2015/10/06 12:0 a.m.•27 views

Oracle: Security Advisory (ELSA-2012-0095)

9.3CVSS6.5AI score0.03936EPSS

Exploits1References2

OpenVAS•added 2015/10/06 12:0 a.m.•29 views

Oracle: Security Advisory (ELSA-2012-1256)

6.8CVSS6.4AI score0.23786EPSS

Exploits0References2

OpenVAS•added 2015/09/29 12:0 a.m.•29 views

Gentoo Security Advisory GLSA 201412-17

Gentoo Linux Local Security Checks GLSA 201412-17 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

9.3CVSS5.1AI score0.23786EPSS

Exploits7References1

OpenVAS•added 2015/09/08 12:0 a.m.•17 views

Amazon Linux: Security Advisory (ALAS-2012-127)

6.8CVSS6.4AI score0.23786EPSS

Exploits0References2

OpenVAS•added 2015/09/08 12:0 a.m.•32 views

Amazon Linux: Security Advisory (ALAS-2012-42)

9.3CVSS6.5AI score0.03936EPSS

Exploits1References2

Tenable Nessus•added 2015/09/02 12:0 a.m.•17 views

FreeBSD : ghostscript -- denial of service (crash) via crafted Postscript files (fc1f6658-4f53-11e5-934b-002590263bf5)

MITRE reports : Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or...

6.8CVSS7.9AI score0.00967EPSS

Exploits0References5

CNVD•added 2015/08/18 12:0 a.m.•2 views

GNU troff contrib/pdfmark/pdfroff.sh design error vulnerability

Groff GNU Troff is the latest open source implementation of Troff, a document preparation system that generates print and screen documents from the same input source for a variety of devices. GNU troff groff versions prior to 1.21 in contrib/pdfmark/pdfroff.sh starts the Ghostscript program witho...

6.5CVSS6.9AI score0.01318EPSS

Exploits0References1

OSV•added 2015/08/11 2:59 p.m.•3 views

CVE-2015-3228

Integer overflow in the gsheapallocbytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service crash via a crafted Postscript ps file, as demonstrated by using the ps2pdf command, which triggers an out-of-bounds read or write...

9AI score

Exploits0References11