|
268851
|
5.9 |
MEDIUM
Network
|
lightdm_project
|
lightdm
|
Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP server is enabled allows remote attackers to cause a denial of service (process crash) via an XDMC…
|
CWE-129
Improper Validation of Array Index
|
CVE-2015-8316
|
2024-11-21 11:38 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268852
|
8.8 |
HIGH
Network
|
huawei
|
vcn500_firmware
|
SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100R002C00SPC201 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTT…
|
CWE-89
SQL Injection
|
CVE-2015-8334
|
2024-11-21 11:38 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268853
|
9.8 |
CRITICAL
Network
|
knx
|
ets
|
Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote attackers to execute arbitrary code via a crafted KNXnet/IP UDP packet.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8299
|
2024-11-21 11:38 |
2017-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268854
|
8.8 |
HIGH
Network
|
huawei
|
vcm5010_firmware
vcm5020_firmware
|
Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and p…
|
CWE-287
Improper Authentication
|
CVE-2015-8332
|
2024-11-21 11:38 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268855
|
7.8 |
HIGH
Local
|
polycom
|
btoe_connector
|
Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privilege…
|
CWE-275
Permission Issues
|
CVE-2015-8300
|
2024-11-21 11:38 |
2017-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268856
|
8.8 |
HIGH
Network
|
orion-soft
|
bitrix
|
Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) order or (2) "by" par…
|
CWE-89
SQL Injection
|
CVE-2015-8355
|
2024-11-21 11:38 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268857
|
9.8 |
CRITICAL
Network
|
zen-cart
|
zen_cart
|
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
|
CWE-22
Path Traversal
|
CVE-2015-8352
|
2024-11-21 11:38 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268858
|
7.8 |
HIGH
Local
|
lxdm_project
|
lxdm
|
LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections.
|
CWE-287
Improper Authentication
|
CVE-2015-8308
|
2024-11-21 11:38 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268859
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths is missing in malware protection.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8596
|
2024-11-21 11:38 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268860
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read vulnerability exists in digital television/digital radio DRM.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8595
|
2024-11-21 11:38 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
