|
267681
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9035
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267682
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to be null-terminated in SIP leading to a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9034
|
2024-11-21 11:39 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267683
|
9.8 |
CRITICAL
Network
|
zohocorp
|
manageengine_opmanager
|
Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. The implemented algorithm doesn't use a per-system key o…
|
CWE-310
Cryptographic Issues
|
CVE-2015-9107
|
2024-11-21 11:39 |
2017-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267684
|
5.4 |
MEDIUM
Network
|
synology
|
video_station
|
Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1.5 before 1.5-0772, and 1.6 before 1.6-0847 allow remote authenticated attackers to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9105
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267685
|
5.4 |
MEDIUM
Network
|
synology
|
audio_station
|
Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the a…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9104
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267686
|
5.4 |
MEDIUM
Network
|
synology
|
note_station
|
Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9103
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267687
|
5.4 |
MEDIUM
Network
|
synology
|
photo_station
|
Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station 6.0 before 6.0-2638 and 6.3 before 6.3-2962 allow remote authenticated attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9102
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267688
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service (heap-ba…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9101
|
2024-11-21 11:39 |
2017-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267689
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio fi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-9100
|
2024-11-21 11:39 |
2017-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267690
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file with a negati…
|
CWE-125
Out-of-bounds Read
|
CVE-2015-9099
|
2024-11-21 11:39 |
2017-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
