CVE-2014-9812
ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file.
CVE-2014-9805
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file.
CVE-2014-9808
ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image.
CVE-2014-9804
vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to “too many object.”
CVE-2014-9810
The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file.
CVE-2014-9813
ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file.
CVE-2014-9826
ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files.
CVE-2017-7290
SQL injection vulnerability in XOOPS 2.5.7.2 and other versions before 2.5.8.1 allows remote authenticated administrators to execute arbitrary SQL commands via the url parameter to findusers.php. An example attack uses “into outfile” to create a backdoor program.
CVE-2016-10309
In the GUI of Ceragon FibeAir IP-10 (before 7.2.0) devices, a remote attacker can bypass authentication by adding an ALBATROSS cookie with the value 0-4-11 to their browser.
CVE-2016-10307
Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3.0 devices have a built-in, hidden root account, with a default password for which the MD5 hash value is public (but the cleartext value is perhaps not yet public). This account is accessible via SSH and/or TELNET, and grants access to the underlying embedded …