|
266941
|
6.8 |
MEDIUM
Network
|
buffalotech
|
airstation_extreme_n600_firmware
airstation_extreme_n600
|
Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof r…
|
NVD-CWE-Other
|
CVE-2015-8262
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266942
|
5.9 |
MEDIUM
Network
|
rsi_video_technologies
|
frontel_protocol
|
The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2)…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2015-8254
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266943
|
3.7 |
LOW
Network
|
rsi_video_technologies
|
frontel_protocol
|
The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (…
|
CWE-200
Information Exposure
|
CVE-2015-8253
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266944
|
5.9 |
MEDIUM
Network
|
rsi_video_technologies
|
frontel_protocol
|
The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and perfo…
|
CWE-200
Information Exposure
|
CVE-2015-8252
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266945
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, …
|
CWE-200
Information Exposure
|
CVE-2015-8669
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266946
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly h…
|
CWE-189
Numeric Errors
|
CVE-2015-8664
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266947
|
8.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8663
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266948
|
7.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which al…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8662
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266949
|
8.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote at…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8661
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266950
|
10.0 |
CRITICAL
Network
|
dovestones
|
ad_self_password_reset
|
The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self Password Reset before 3.0.4.0 allows remote attackers to reset arbitrary passwords …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8267
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
