|
266791
|
9.1 |
CRITICAL
Network
|
mcafee
|
file_lock
|
McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtain sensitive information from kernel memory or cause a denial of service (system crash) via a large …
|
CWE-19
Data Processing Errors
|
CVE-2015-8772
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266792
|
6.5 |
MEDIUM
Network
|
roundcube
|
roundcube_webmail
|
Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full path…
|
CWE-22
Path Traversal
|
CVE-2015-8794
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266793
|
6.1 |
MEDIUM
Network
|
roundcube
|
webmail
|
Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote attackers to inject arbitrary web script or HTML via the _mbox pa…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8793
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266794
|
5.3 |
MEDIUM
Network
|
matroska
opensuse
|
libmatroska
leap
opensuse
|
The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attackers to obtain sensitive information from process heap memory via crafted EBML lacing, which triggers…
|
CWE-119
CWE-200
Incorrect Access of Indexable Resource ('Range Error')
Information Exposure
|
CVE-2015-8792
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266795
|
4.3 |
MEDIUM
Network
|
matroska
|
libebml
|
The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted length value in an EBML …
|
CWE-200
Information Exposure
|
CVE-2015-8791
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266796
|
4.3 |
MEDIUM
Network
|
matroska
|
libebml
|
The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent attackers to obtain sensitive information from process heap memory via a crafted UTF-8 string, which tr…
|
CWE-200
Information Exposure
|
CVE-2015-8790
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266797
|
9.6 |
CRITICAL
Network
|
matroska
|
libebml
|
Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" fo…
|
NVD-CWE-Other
|
CVE-2015-8789
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266798
|
7.5 |
HIGH
Network
|
roundcube
|
roundcube_webmail
|
Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain pe…
|
CWE-22
Path Traversal
|
CVE-2015-8770
|
2024-11-21 11:39 |
2016-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266799
|
5.5 |
MEDIUM
Local
|
gnu
|
glibc
|
The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 allows local users to bypass a pointer-guarding protection mechanism via a zero value of the LD_POINTE…
|
CWE-254
7PK - Security Features
|
CVE-2015-8777
|
2024-11-21 11:39 |
2016-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266800
|
5.9 |
MEDIUM
Network
|
openstack
|
nova
|
The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and 12.0.x before 12.0.1 (liberty) includes the connection_info dictionary in the StorageError message …
|
CWE-200
Information Exposure
|
CVE-2015-8749
|
2024-11-21 11:39 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
