|
266811
|
7.5 |
HIGH
Network
|
acquia
|
mollom
|
The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8754
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266812
|
9.1 |
CRITICAL
Network
|
sap
|
afaria
|
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8753
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266813
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause…
|
CWE-20
Improper Input Validation
|
CVE-2015-8742
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266814
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to caus…
|
CWE-20
Improper Input Validation
|
CVE-2015-8741
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266815
|
5.3 |
MEDIUM
Adjacent
|
wireshark
|
wireshark
|
The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers…
|
CWE-20
Improper Input Validation
|
CVE-2015-8740
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266816
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cau…
|
CWE-20
Improper Input Validation
|
CVE-2015-8739
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266817
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, w…
|
CWE-20
Improper Input Validation
|
CVE-2015-8738
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266818
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service (divide-by-…
|
CWE-20
Improper Input Validation
|
CVE-2015-8737
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266819
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of ser…
|
CWE-20
Improper Input Validation
|
CVE-2015-8736
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266820
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote att…
|
CWE-20
Improper Input Validation
|
CVE-2015-8735
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
