|
270481
|
- |
|
wireshark
oracle
|
wireshark
solaris
|
The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a n…
|
CWE-20
Improper Input Validation
|
CVE-2015-6241
|
2024-11-21 11:34 |
2015-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270482
|
- |
|
gnu
debian
|
gnutls
debian_linux
|
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
|
NVD-CWE-Other
|
CVE-2015-6251
|
2024-11-21 11:34 |
2015-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270483
|
- |
|
djangoproject
canonical
oracle
|
django
ubuntu_linux
solaris
|
The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functions in Django 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions create empty ses…
|
CWE-399
Resource Management Errors
|
CVE-2015-5964
|
2024-11-21 11:34 |
2015-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270484
|
- |
|
djangoproject
oracle
canonical
|
django
solaris
ubuntu_linux
|
contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4.x before 1.4.22, and possibly other versions allows remote attackers to cause a denial of service …
|
CWE-399
Resource Management Errors
|
CVE-2015-5963
|
2024-11-21 11:34 |
2015-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270485
|
- |
|
cisco
|
wireless_lan_controller_software
|
The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted I…
|
CWE-20
Improper Input Validation
|
CVE-2015-6258
|
2024-11-21 11:34 |
2015-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270486
|
- |
|
cisco
|
asr_5000_series_software
|
Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote attackers to cause a denial of service (OSPF process restart) via crafted length fields in headers of OSPF packets, aka Bug ID CSCuv628…
|
CWE-20
Improper Input Validation
|
CVE-2015-6256
|
2024-11-21 11:34 |
2015-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270487
|
- |
|
cisco
|
unified_web_and_e-mail_interaction_manager
|
Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) allows remote attackers to inject arbitrary web script or HTML via a crafted chat message, aka Bug …
|
CWE-79
Cross-site Scripting
|
CVE-2015-6255
|
2024-11-21 11:34 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270488
|
- |
|
picketlink
|
picketlink
|
The (1) Service Provider (SP) and (2) Identity Provider (IdP) in PicketLink before 2.7.0 does not ensure that the Destination attribute in a Response element in a SAML assertion matches the location …
|
CWE-17
Code
|
CVE-2015-6254
|
2024-11-21 11:34 |
2015-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270489
|
- |
|
fortinet
|
fortios
|
The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in finished messages, which makes it easier for remote attackers to spoof encrypted content via a craft…
|
CWE-20
Improper Input Validation
|
CVE-2015-5965
|
2024-11-21 11:34 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270490
|
- |
|
mozilla
|
firefox_os
|
Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the buffer-management implementation in the graphics layer in Mozilla Firefox OS before 2.2 might allo…
|
CWE-189
Numeric Errors
|
CVE-2015-5962
|
2024-11-21 11:34 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
