|
266841
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attack…
|
CWE-20
Improper Input Validation
|
CVE-2015-8714
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266842
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial o…
|
CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error')
Improper Input Validation
|
CVE-2015-8713
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266843
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attac…
|
CWE-20
Improper Input Validation
|
CVE-2015-8712
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266844
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of se…
|
CWE-20
Improper Input Validation
|
CVE-2015-8711
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266845
|
7.5 |
HIGH
Network
|
heartcombo
|
devise
|
The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an adversary to obtain unauthorized persistent application access.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2015-8314
|
2024-11-21 11:38 |
2023-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266846
|
8.8 |
HIGH
Network
|
getcomposer
|
composer
|
Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This results in attacker-controlled code entering a server-side build process. The issue occurs because o…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2015-8371
|
2024-11-21 11:38 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266847
|
9.8 |
CRITICAL
Network
|
google
|
android
|
An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-ba…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-8546
|
2024-11-21 11:38 |
2020-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266848
|
8.8 |
HIGH
Network
|
lenovo
|
solution_center
|
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to vers…
|
CWE-352
Origin Validation Error
|
CVE-2015-8536
|
2024-11-21 11:38 |
2020-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266849
|
7.8 |
HIGH
Local
|
lenovo
|
solution_center
|
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A directory traversal vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center…
|
CWE-22
Path Traversal
|
CVE-2015-8535
|
2024-11-21 11:38 |
2020-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266850
|
7.8 |
HIGH
Local
|
lenovo
|
solution_center
|
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution…
|
CWE-269
Improper Privilege Management
|
CVE-2015-8534
|
2024-11-21 11:38 |
2020-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
