Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-02-27 CVE-2015-8903 Infinite Loop vulnerability in Imagemagick
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
network
low complexity
imagemagick CWE-835
6.5
2017-02-27 CVE-2015-8902 Infinite Loop vulnerability in Imagemagick
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
network
low complexity
imagemagick CWE-835
6.5
2017-02-27 CVE-2015-8901 Infinite Loop vulnerability in Imagemagick
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
network
low complexity
imagemagick CWE-835
6.5
2017-02-27 CVE-2015-8900 Infinite Loop vulnerability in Imagemagick
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
local
low complexity
imagemagick CWE-835
5.5
2017-02-27 CVE-2016-8387 Out-of-bounds Write vulnerability in Iceni Argus 6.6.04
An exploitable heap-based buffer overflow exists in Iceni Argus.
local
low complexity
iceni CWE-787
7.8
2017-02-27 CVE-2016-8386 Out-of-bounds Write vulnerability in Iceni Argus 6.6.04
An exploitable heap-based buffer overflow exists in Iceni Argus.
local
low complexity
iceni CWE-787
7.8
2017-02-27 CVE-2016-8385 Out-of-bounds Write vulnerability in Iceni Argus 6.6.04
An exploitable uninitialized variable vulnerability which leads to a stack-based buffer overflow exists in Iceni Argus.
local
low complexity
iceni CWE-787
7.8
2017-02-27 CVE-2016-8105 Unspecified vulnerability in Intel X710 Series Driver and Xl710 Series Driver
Drivers for the Intel Ethernet Controller X710 and Intel Ethernet Controller XL710 families before version 22.0 are vulnerable to a denial of service in certain layer 2 network configurations.
low complexity
intel
6.5
2017-02-27 CVE-2017-2683 Cross-site Scripting vulnerability in Siemens Ruggedcom Network Management Software 2.0.2
A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could perform a persistent Cross-Site Scripting (XSS) attack, potentially resulting in obtaining administrative permissions.
network
low complexity
siemens CWE-79
8.2
2017-02-27 CVE-2017-2682 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Ruggedcom Network Management Software 2.0.2
The Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and 8081/TCP could allow a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack, potentially allowing an attacker to execute administrative operations, provided the targeted user has an active session and is induced to trigger a malicious request.
network
low complexity
siemens CWE-352
8.8