Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 104130 entries
IDDescriptionPriorityModified dateFixed Release
CVE-2014-9850 Logic error in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (resource consumption). Medium Mar 22, 2017 n/a
CVE-2014-9849 The png coder in ImageMagick allows remote attackers to cause a denial of service (crash). Medium Mar 22, 2017 n/a
CVE-2014-9848 Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). Medium Mar 22, 2017 n/a
CVE-2014-9847 The jng decoder in ImageMagick 6.8.9.9 allows remote attackers to have an unspecified impact. High Mar 22, 2017 n/a
CVE-2014-9846 Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact. High Mar 22, 2017 n/a
CVE-2014-9845 The ReadDIBImage function in coders/dib.c in ImageMagick allows remote attackers to cause a denial of service (crash) via a corrupted dib file. Medium Mar 22, 2017 n/a
CVE-2014-9844 The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image file. Medium Mar 22, 2017 n/a
CVE-2014-9843 The DecodePSDPixels function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors. High Mar 22, 2017 n/a
CVE-2014-9842 Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. Medium Mar 22, 2017 n/a
CVE-2014-9841 The ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to have unspecified impact via unknown vectors, related to throwing of exceptions. High Mar 22, 2017 n/a
CVE-2014-9840 ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted palm file. Medium Mar 24, 2017 n/a
CVE-2014-9839 magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). Medium Mar 24, 2017 n/a
CVE-2014-9838 magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (crash). Medium Mar 24, 2017 n/a
CVE-2014-9837 coders/pnm.c in ImageMagick 6.9.0-1 Beta and earlier allows remote attackers to cause a denial of service (crash) via a crafted png file. Medium Apr 17, 2017 n/a
CVE-2014-9836 ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service via a crafted xpm file. Medium Mar 24, 2017 n/a
CVE-2014-9835 Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. Medium Mar 24, 2017 n/a
CVE-2014-9834 Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. Medium Mar 24, 2017 n/a
CVE-2014-9833 Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. Medium Mar 24, 2017 n/a
CVE-2014-9832 Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. Medium Mar 24, 2017 n/a
CVE-2014-9831 coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted wpg file. Medium Aug 8, 2017 n/a
CVE-2014-9830 coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted sun file. Medium Aug 8, 2017 n/a
CVE-2014-9829 coders/sun.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted sun file. Medium Apr 10, 2017 n/a
CVE-2014-9828 coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file. Medium Aug 8, 2017 n/a
CVE-2014-9827 coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. Medium Aug 8, 2017 n/a
CVE-2014-9826 ImageMagick allows remote attackers to have unspecified impact via vectors related to error handling in sun files. High Apr 4, 2017 n/a
CVE-2014-9825 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9824. Medium Apr 10, 2017 n/a
CVE-2014-9824 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted psd file, a different vulnerability than CVE-2014-9825. Medium Apr 6, 2017 n/a
CVE-2014-9823 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9819. Medium Apr 6, 2017 n/a
CVE-2014-9822 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted quantum file. Medium Apr 4, 2017 n/a
CVE-2014-9821 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. Medium Apr 4, 2017 n/a
CVE-2014-9820 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pnm file. Medium Apr 4, 2017 n/a
CVE-2014-9819 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted palm file, a different vulnerability than CVE-2014-9823. Medium Apr 4, 2017 n/a
CVE-2014-9818 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a malformed sun file. Medium Apr 4, 2017 n/a
CVE-2014-9817 Heap-based buffer overflow in ImageMagick allows remote attackers to have unspecified impact via a crafted pdb file. Medium Apr 4, 2017 n/a
CVE-2014-9816 ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted viff file. Medium Apr 4, 2017 n/a
CVE-2014-9815 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted wpg file. Medium Apr 4, 2017 n/a
CVE-2014-9814 ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted wpg file. Medium Apr 4, 2017 n/a
CVE-2014-9813 ImageMagick allows remote attackers to cause a denial of service (application crash) via a crafted viff file. Medium Apr 4, 2017 n/a
CVE-2014-9812 ImageMagick allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted ps file. Medium Apr 4, 2017 n/a
CVE-2014-9811 The xwd file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed xwd file. Medium Apr 4, 2017 n/a
CVE-2014-9810 The dpx file handler in ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a malformed dpx file. Medium Apr 4, 2017 n/a
CVE-2014-9809 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted xwd image. Medium Apr 4, 2017 n/a
CVE-2014-9808 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted dpc image. Medium Apr 4, 2017 n/a
CVE-2014-9807 The pdb coder in ImageMagick allows remote attackers to cause a denial of service (double free) via unspecified vectors. Medium Apr 4, 2017 n/a
CVE-2014-9806 ImageMagick allows remote attackers to cause a denial of service (file descriptor consumption) via a crafted file. Medium Apr 4, 2017 n/a
CVE-2014-9805 ImageMagick allows remote attackers to cause a denial of service (segmentation fault and application crash) via a crafted pnm file. Medium Apr 4, 2017 n/a
CVE-2014-9804 vision.c in ImageMagick allows remote attackers to cause a denial of service (infinite loop) via vectors related to too many object.<a href=http://cwe.mitre.org/data/definitions/835.html>CWE-835: Loop with Unreachable Exit Condition (\'Infinite Loop\')</a> Medium Apr 3, 2017 n/a
CVE-2014-9772 The validator package before 2.0.0 for Node.js allows remote attackers to bypass the cross-site scripting (XSS) filter via hex-encoded characters. Medium Jan 24, 2017 n/a
CVE-2014-9760 Cross-site scripting (XSS) vulnerability in the displayLogin function in html/index.php in GOsa allows remote attackers to inject arbitrary web script or HTML via the username. Medium Feb 15, 2017 n/a
CVE-2014-9758 Cross-site scripting (XSS) vulnerability in Magento E-Commerce Platform 1.9.0.1. -- Sep 20, 2017 n/a
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online