|
273911
|
8.8 |
HIGH
Network
|
orion-soft
|
bitrix
|
Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" par…
|
CWE-89
SQL Injection
|
CVE-2015-8355
|
2024-11-21 11:38 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273912
|
9.8 |
CRITICAL
Network
|
zen-cart
|
zen_cart
|
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
|
CWE-22
Path Traversal
|
CVE-2015-8352
|
2024-11-21 11:38 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273913
|
7.8 |
HIGH
Local
|
lxdm_project
|
lxdm
|
LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.
|
CWE-287
Improper Authentication
|
CVE-2015-8308
|
2024-11-21 11:38 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273914
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths is missing in malware protection.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8596
|
2024-11-21 11:38 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273915
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in digital television/digital radio DRM.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8595
|
2024-11-21 11:38 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273916
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in RFA-1x.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8594
|
2024-11-21 11:38 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273917
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8593
|
2024-11-21 11:38 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273918
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not validated prior to being dereferenced potentially resulting in Guest-OS memory corruption.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8592
|
2024-11-21 11:38 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273919
|
5.5 |
MEDIUM
Local
|
tcoffee
|
t-coffee
|
t-coffee before 11.00.8cbe486-2 allows local users to write to ~/.t_coffee globally.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8621
|
2024-11-21 11:38 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273920
|
7.8 |
HIGH
Local
|
f-secure
|
f-secure_online_scanner
|
Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same f…
|
CWE-426
Untrusted Search Path
|
CVE-2015-8264
|
2024-11-21 11:38 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
