|
277321
|
- |
|
libmspack_project
|
libmspack
|
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
|
CWE-189
Numeric Errors
|
CVE-2015-4470
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277322
|
- |
|
libmspack_project
|
libmspack
|
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) vi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4469
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277323
|
- |
|
libmspack_project
|
libmspack
|
Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CH…
|
CWE-189
Numeric Errors
|
CVE-2015-4468
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277324
|
- |
|
libmspack_project
|
libmspack
|
The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service (divide-by-zero error and app…
|
CWE-189
Numeric Errors
|
CVE-2015-4467
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277325
|
- |
|
zanematthew
|
zm_ajax_login_\&_register
|
Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4465
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277326
|
- |
|
magnifica_webscripts
|
anima_gallery
|
Multiple directory traversal vulnerabilities in func.php in Magnifica Webscripts Anima Gallery 2.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) th…
|
CWE-22
Path Traversal
|
CVE-2015-4415
|
2024-11-21 11:31 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277327
|
- |
|
ektron
|
ektron_content_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/workarea.aspx in Ektron Content Management System (CMS) before 9.10 SP1 (Build 9.1.0.184.1.114) allow remote authenticated users t…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4427
|
2024-11-21 11:31 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277328
|
- |
|
zohocorp
|
manageengine_netflow_analyzer
|
Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended…
|
CWE-284
Improper Access Control
|
CVE-2015-4418
|
2024-11-21 11:31 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277329
|
9.8 |
CRITICAL
Network
|
gnu
|
coreutils
|
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified othe…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-4042
|
2024-11-21 11:30 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277330
|
7.8 |
HIGH
Local
|
gnu
|
coreutils
|
The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, wh…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-4041
|
2024-11-21 11:30 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
