Lucene search
K

90 matches found

OSV
OSV
added 2019/09/09 5:15 p.m.2 views

DEBIAN-CVE-2019-16168

In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz field, aka a "severe division by zero in the query planner."...

6.5CVSS6.7AI score0.04253EPSS
Exploits0References1
OSV
OSV
added 2019/07/05 1:15 a.m.1 views

DEBIAN-CVE-2019-13300

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns...

8.8CVSS8.8AI score0.03166EPSS
Exploits1References1
OSV
OSV
added 2019/07/05 1:15 a.m.4 views

UBUNTU-CVE-2019-13307

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows...

8.8CVSS7AI score0.02082EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2019/07/05 1:15 a.m.30 views

CVE-2019-13307

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling rows...

7.8CVSS7AI score0.02082EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2019/07/05 12:52 a.m.30 views

CVE-2019-13300

ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCore/statistic.c in EvaluateImages because of mishandling columns...

8.8CVSS9.5AI score0.03166EPSS
Exploits1
CNVD
CNVD
added 2019/07/05 12:0 a.m.1 views

ImageMagick heap buffer overflow vulnerability (CNVD-2019-21663)

ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. ImageMagick Studio A buffer error vulnerability exists in the 'EvaluateImages' function of the...

8.8CVSS7.2AI score0.03166EPSS
Exploits1References1
CNVD
CNVD
added 2019/07/05 12:0 a.m.1 views

ImageMagick heap buffer overflow vulnerability (CNVD-2019-21667)

ImageMagick Studio ImageMagick is a suite of open-source image processing software from the American company ImageMagick Studio. The software can read, convert or write images in a variety of formats. ImageMagick Studio A buffer overflow vulnerability exists in the 'EvaluateImages' function of th...

7.8CVSS7.2AI score0.02082EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2019/07/05 12:0 a.m.8 views

PT-2019-5192 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick versions 7.0.8-50 Description: The issue is related to a heap-based buffer overflow in the EvaluateImages function of the ImageMagick console graphic editor. This overflow occurs due to mishandling of rows in the...

9.8CVSS6.7AI score0.05916EPSS
Exploits65References468
CNVD
CNVD
added 2019/02/19 12:0 a.m.2 views

WTCMS Cross-Site Scripting Vulnerability

WTCMS is a ThinkPHP-based content management system CMS. A cross-site scripting vulnerability exists in WTCMS version 1.0, which can be exploited by remote attackers to inject arbitrary web script or HTML with the help of the 'statistic code' field...

6.1CVSS6AI score0.00826EPSS
Exploits1References1
Microsoft KB
Microsoft KB
added 2017/08/08 7:0 a.m.48 views

August 8, 2017—KB4034672 (Security-only update)

August 8, 2017—KB4034672 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addressed issue where a LUN connection that was received after the buffer allocation...

9.3CVSS7AI score0.55415EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2017/07/31 3:52 p.m.19 views

postgresql: Selectivity estimators bypass SELECT privilege checks

It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access...

7.5CVSS7.1AI score0.0256EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2017/07/05 5:54 a.m.5 views

postgresql: Selectivity estimators bypass SELECT privilege checks

It was found that some selectivity estimation functions did not check user privileges before providing information from pgstatistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access...

7.5CVSS7.1AI score0.0256EPSS
Exploits0References5
0day.today
0day.today
added 2017/04/16 12:0 a.m.27 views

Word Directory Script 2.1 Cross Site Scripting / SQL Injection Vulnerabilities

Exploit for php platform in category web applications Title: Word Directory Script v 2.1 - Cross Site Scripting / SQL Injection Credit: Bilal KARDADOU Vendor: http://www.phponly.com/ Vendor URL: http://www.phponly.com/words.html Product: Word Directory Script v 2.1 Google Dork: N/A Product &...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2017/04/14 12:0 a.m.36 views

Word Directory Script 2.1 Cross Site Scripting / SQL Injection

Title: Word Directory Script v 2.1 - Cross Site Scripting / SQL Injection Credit: Bilal KARDADOU Vendor: http://www.phponly.com/ Vendor URL: http://www.phponly.com/words.html Product: Word Directory Script v 2.1 Google Dork: N/A Product & Service Introduction: "Word Directory Script" The big...

0.3AI score
Exploits0
n0where
n0where
added 2016/12/19 6:43 a.m.21 views

IT Threat GeoDashboard: Suspicious

IT Threat GeoDashboard Suspicious is a combination of Open Source software configured to give end users a view on IT threats over an interactive geographical dashboard. You’ll just need an Internet Browser to access the dashboard. This application has been build on a GNU/Linux environment and may...

0.4AI score
Exploits0References1
Oracle linux
Oracle linux
added 2016/05/12 12:0 a.m.74 views

ntp security and bug fix update

4.2.6p5-10 - don't accept server/peer packets with zero origin timestamp CVE-2015-8138 - fix crash with reslist command CVE-2015-7977, CVE-2015-7978 4.2.6p5-9 - fix crash with invalid logconfig command CVE-2015-5194 - fix crash when referencing disabled statistic type CVE-2015-5195 - don't hang i...

5CVSS0.9AI score0.12282EPSS
Exploits2
Typo3
Typo3
added 2016/03/03 12:0 a.m.11 views

Multiple vulnerabilities in extension "Fe user statistic" (festat)

It has been discovered that the extension "Fe user statistic" festat is susceptible to Cross-Site Scripting, Insecure Unserialize and Information Disclosure. Release Date: March 03, 2016 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affecte...

6.6AI score
Exploits0Affected Software1
exploitpack
exploitpack
added 2014/11/13 12:0 a.m.32 views

Joomla! Component com_hdflvplayer 2.1.0.1 - SQL Injection

Joomla! Component comhdflvplayer 2.1.0.1 - SQL Injection !/usr/bin/python Exploit Title : Joomla HD FLV 2.1.0.1 and below SQL Injection Exploit Author : Claudio Viviani Vendor Homepage : http://www.hdflvplayer.net/ Software Link : http://www.hdflvplayer.net/downloadcount.php?pid=5 Dork google 1:...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2014/09/08 12:0 a.m.25 views

phpMyFAQ 2.8.x - Multiple Vulnerabilities

Title: phpMyFAQ 2.8.X - Multiple Vulnerabilities Vendor: phpmyfaq.de Date: 04.09.19 Version: = 2.8.12 Latest ATM Tested on: Apache 2.2 / PHP 5.4 / Linux Contact: smash at devilteam.pl 1 Persistent XSS Administrator is able to view information about specific user session in 'Statistic' tab. Over...

7AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

AIX 4.2/4.3 netstat -Z Statistic Clearing Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1660/info A vulnerability exists in versions 4.x. x of AIX, from IBM. Any local user can utilize the -Z command to netstat, without needing to be root. This will cause interface statistics to be reset. This could...

7.1AI score
Exploits0
Rows per page
Query Builder