Skip to main content
CVE-2015-8903 MEDIUM POC PATCH This Month

The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Imagemagick
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2015-8901 MEDIUM POC This Month

ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Imagemagick
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2015-8902 MEDIUM POC This Month

The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Imagemagick
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2017-6344 MEDIUM POC This Month

XML External Entity (XXE) vulnerability in Grails PDF Plugin 0.6 allows remote attackers to read arbitrary files via a crafted XML document. Rated medium severity (CVSS 5.9), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

XXE Pdf Plugin
NVD
CVSS 3.0
5.9
EPSS
0.3%
CVE-2017-6297 MEDIUM POC This Month

The L2TP Client in MikroTik RouterOS versions 6.83.3 and 6.37.4 does not enable IPsec encryption after a reboot, which allows man-in-the-middle attackers to view transmitted data unencrypted and gain. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Mikrotik Information Disclosure Routeros
NVD
CVSS 3.0
5.9
EPSS
0.1%
CVE-2015-8900 MEDIUM POC PATCH This Month

The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Imagemagick
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2016-9818 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at HYP. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9817 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving a (1) data or (2) prefetch abort with the ESR_EL2.EA bit set. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-8105 MEDIUM This Month

Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Intel X710 Series Driver Xl710 Series Driver
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9816 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host crash) via vectors involving an asynchronous abort while at EL2. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-9815 MEDIUM PATCH This Month

Xen through 4.7.x allows local ARM guest OS users to cause a denial of service (host panic) by sending an asynchronous abort. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Authentication Bypass Xen
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2017-6341 MEDIUM This Month

Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400.0000.28.R 2016-03-29, and SmartPSS Software 1.16.1 2017-01-19 send cleartext passwords in response to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Dahua Camera Firmware Nvr Firmware Smartpss Firmware
NVD
CVSS 3.0
5.9
EPSS
0.5%
CVE-2016-5240 MEDIUM This Month

The DrawDashPolygon function in magick/render.c in GraphicsMagick before 1.3.24 and the SVG renderer in ImageMagick allow remote attackers to cause a denial of service (infinite loop) by converting a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Graphicsmagick
NVD
CVSS 3.0
5.5
EPSS
1.4%
CVE-2016-10028 MEDIUM PATCH This Month

The virgl_cmd_get_capset function in hw/display/virtio-gpu-3d.c in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Denial Of Service Information Disclosure Qemu
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2016-10029 MEDIUM PATCH This Month

The virtio_gpu_set_scanout function in QEMU (aka Quick Emulator) built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service (out-of-bounds read and process. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Denial Of Service Information Disclosure Qemu
NVD
CVSS 3.1
5.5
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy