CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4150 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4150
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4151 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4151
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4152 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4152
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4153 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4153
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4154 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4154
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 3%CPEs: 29EXPL: 0CVE-2016-4155 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4155
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 4%CPEs: 34EXPL: 0CVE-2016-4156 – flash-plugin: multiple code execution issues fixed in APSB16-18
https://notcve.org/view.php?id=CVE-2016-4156
16 Jun 2016 — Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-083. Vulnerabilidad no especificada en Adobe Flash Player 21.0.0.242 y versiones anteriores, tal como se utiliza en las librerías Adobe Flash en Microsoft Internet Explorer 10 y 11 y Microsoft Edge, tiene vectores de ataque e impacto no conocidos... • http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00031.html •
CVSS: 10.0EPSS: 35%CPEs: 24EXPL: 0CVE-2016-5118 – ImageMagick: Remote code execution via filename
https://notcve.org/view.php?id=CVE-2016-5118
30 May 2016 — The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to execute arbitrary code via a | (pipe) character at the start of a filename. La función OpenBlob en blob.c en GraphicsMagick en versiones anteriores a 1.3.24 y ImageMagick permite a atacantes remotos ejecutar código arbitrario a través del caractér | (tubería) en el inicio del nombre de archivo. It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processe... • http://git.imagemagick.org/repos/ImageMagick/commit/40639d173aa8c76b850d625c630b711fee4dcfb8 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 87%CPEs: 84EXPL: 1CVE-2016-3718 – ImageMagick Server-Side Request Forgery (SSRF) Vulnerability
https://notcve.org/view.php?id=CVE-2016-3718
05 May 2016 — The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. Los codificadores (1) HTTP y (2) FTP en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permiten a atacantes remotos llevar a cabo ataques de falsificación de peticiones del lado del servidor (SSRF) a través de una imagen manipulada. A server-side request forgery flaw was discovered in th... • https://www.exploit-db.com/exploits/39767 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.8EPSS: 89%CPEs: 84EXPL: 2CVE-2016-3715 – ImageMagick Arbitrary File Deletion Vulnerability
https://notcve.org/view.php?id=CVE-2016-3715
05 May 2016 — The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. El codificador EPHEMERAL en ImageMagick en versiones anteriores a 6.9.3-10 y 7.x en versiones anteriores a 7.0.1-1 permite a atacantes remotos eliminar archivos arbitrarios a través de una imagen manipulada. It was discovered that certain ImageMagick coders and pseudo-protocols did not properly prevent security sensitive operations when processing specially crafted... • https://www.exploit-db.com/exploits/39767 • CWE-20: Improper Input Validation CWE-552: Files or Directories Accessible to External Parties •