|
277161
|
- |
|
ffmpeg
canonical
|
ffmpeg
ubuntu_linux
|
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a …
|
CWE-17
Code
|
CVE-2015-6818
|
2024-11-21 11:35 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277162
|
- |
|
invisioncommunity
|
invision_power_board
|
Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.0.12.1 allows remote attackers to cause a denial of service (loop and memory consumption) via a cr…
|
CWE-399
Resource Management Errors
|
CVE-2015-6812
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277163
|
- |
|
cyberoam
|
cyberoamos
|
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username pa…
|
CWE-89
SQL Injection
|
CVE-2015-6811
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277164
|
- |
|
invisionpower
|
invision_power_board
|
Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x before 4.0.12.1 allows remote authenticated users to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6810
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277165
|
- |
|
bedita
|
bedita
|
Multiple cross-site scripting (XSS) vulnerabilities in BEdita before 3.6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cfg[projectName] parameter to index.php/admin/save…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6809
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277166
|
- |
|
getlevelten
|
spotlight
|
Cross-site scripting (XSS) vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6808
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277167
|
- |
|
mass_contact_project
|
mass_contact
|
Cross-site scripting (XSS) vulnerability in the Mass Contact module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer mass contact" p…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6807
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277168
|
- |
|
google
|
chrome
|
Google Chrome before 45.0.2454.85 does not display a location bar for a hosted app's window after navigation away from the installation site, which might make it easier for remote attackers to spoof …
|
CWE-254
7PK - Security Features
|
CVE-2015-6583
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277169
|
- |
|
google
|
chrome
|
The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote a…
|
CWE-254
7PK - Security Features
|
CVE-2015-6582
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277170
|
- |
|
google
|
chrome
|
Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to…
|
NVD-CWE-Other
|
CVE-2015-6581
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
