CVE-2016-4812
Cross-site scripting (XSS) vulnerability in the Markdown on Save Improved plugin before 2.5.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: CVE-2016-4812
[월:] 2016년 06월
CVE-2016-4564 (imagemagick)
CVE-2016-4564 (imagemagick)
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Source: CVE-2016-4564 (imagemagick)
CVE-2016-4564
CVE-2016-4564
The DrawImage function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 makes an incorrect function call in attempting to locate the next token, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Source: CVE-2016-4564
CVE-2016-4563 (imagemagick)
CVE-2016-4563 (imagemagick)
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Source: CVE-2016-4563 (imagemagick)
CVE-2016-4563
CVE-2016-4563
The TraceStrokePolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles the relationship between the BezierQuantum value and certain strokes data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Source: CVE-2016-4563
CVE-2016-4562 (imagemagick)
CVE-2016-4562 (imagemagick)
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Source: CVE-2016-4562 (imagemagick)
CVE-2016-4562
CVE-2016-4562
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Source: CVE-2016-4562
CVE-2016-1403 (ip_phone_8800_series_firmware)
CVE-2016-1403 (ip_phone_8800_series_firmware)
CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005.
CVE-2016-1403
CVE-2016-1403
CISCO IP 8800 phones with software 11.0.1 and earlier allow local users to gain privileges for OS command execution via crafted CLI commands, aka Bug ID CSCuz03005.
Source: CVE-2016-1403
CVE-2016-1211 (web_mailing_list)
CVE-2016-1211 (web_mailing_list)
Cross-site scripting (XSS) vulnerability in Epoch Web Mailing List 0.31 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: CVE-2016-1211 (web_mailing_list)