|
267251
|
- |
|
arista
|
eos
|
Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging manag…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8236
|
2024-11-21 11:38 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267252
|
- |
|
tibco
|
loglogic_unity
|
The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users to gain privileges, and consequently obtain sensitive information, via an HTTP request.
|
CWE-200
Information Exposure
|
CVE-2015-8090
|
2024-11-21 11:38 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267253
|
- |
|
mayo_project
|
mayo
|
Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2015-8233
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267254
|
- |
|
uc_profile_project
|
uc_profile
|
The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from th…
|
CWE-200
Information Exposure
|
CVE-2015-8232
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267255
|
- |
|
canonical
|
ubuntu_linux
|
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8222
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267256
|
- |
|
google
|
picasa
|
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
|
CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error')
Numeric Errors
|
CVE-2015-8221
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267257
|
- |
|
solarwinds
|
dameware_mini_remote_control
|
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8220
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267258
|
- |
|
ffmpeg
|
ffmpeg
|
The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a de…
|
CWE-20
Improper Input Validation
|
CVE-2015-8219
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267259
|
- |
|
ffmpeg
|
ffmpeg
|
The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array a…
|
CWE-20
Improper Input Validation
|
CVE-2015-8218
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267260
|
- |
|
ffmpeg
|
ffmpeg
|
The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds …
|
CWE-20
Improper Input Validation
|
CVE-2015-8217
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
