|
268501
|
- |
|
ffmpeg
|
ffmpeg
|
The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certain context data, which allows remote attackers to cause a denial of service (segmentation violation)…
|
CWE-17
Code
|
CVE-2015-6823
|
2024-11-21 11:35 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268502
|
- |
|
ffmpeg
|
ffmpeg
|
The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain height and width values in the video context, which allows remote attackers to cause a denial of se…
|
CWE-17
Code
|
CVE-2015-6822
|
2024-11-21 11:35 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268503
|
- |
|
ffmpeg
|
ffmpeg
|
The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service (invalid p…
|
CWE-20
Improper Input Validation
|
CVE-2015-6821
|
2024-11-21 11:35 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268504
|
- |
|
ffmpeg
canonical
|
ffmpeg
ubuntu_linux
|
The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matching AAC frame syntax element before proceeding with Spectral Band Replication calculations, which all…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6820
|
2024-11-21 11:35 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268505
|
- |
|
ffmpeg
|
ffmpeg
|
Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg before 2.7.2 allow remote attackers to cause a denial of service (out-of-bounds array access) or p…
|
CWE-189
Numeric Errors
|
CVE-2015-6819
|
2024-11-21 11:35 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268506
|
- |
|
ffmpeg
canonical
|
ffmpeg
ubuntu_linux
|
The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR (aka image header) chunk in a PNG image, which allows remote attackers to cause a …
|
CWE-17
Code
|
CVE-2015-6818
|
2024-11-21 11:35 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268507
|
- |
|
invisioncommunity
|
invision_power_board
|
Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.0.12.1 allows remote attackers to cause a denial of service (loop and memory consumption) via a cr…
|
CWE-399
Resource Management Errors
|
CVE-2015-6812
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268508
|
- |
|
cyberoam
|
cyberoamos
|
SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10.6.2 MR-1 and earlier allows remote attackers to execute arbitrary SQL commands via the username pa…
|
CWE-89
SQL Injection
|
CVE-2015-6811
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268509
|
- |
|
invisionpower
|
invision_power_board
|
Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) 4.x before 4.0.12.1 allows remote authenticated users to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6810
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268510
|
- |
|
bedita
|
bedita
|
Multiple cross-site scripting (XSS) vulnerabilities in BEdita before 3.6.0 allow remote attackers to inject arbitrary web script or HTML via the (1) cfg[projectName] parameter to index.php/admin/save…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6809
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
