|
267731
|
5.3 |
MEDIUM
Network
|
xmlsoft
|
libxslt
|
In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2015-9019
|
2024-11-21 11:39 |
2017-04-6 |
|
|
|
|
267732
|
8.1 |
HIGH
Network
|
freeradius
|
freeradius
|
Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8764
|
2024-11-21 11:39 |
2017-03-28 |
|
|
|
|
267733
|
8.1 |
HIGH
Network
|
freeradius
|
freeradius
|
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8763
|
2024-11-21 11:39 |
2017-03-28 |
|
|
|
|
267734
|
5.9 |
MEDIUM
Network
|
freeradius
|
freeradius
|
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8762
|
2024-11-21 11:39 |
2017-03-28 |
|
|
|
|
267735
|
5.9 |
MEDIUM
Network
|
gnu
|
glibc
|
The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attackers to cause a denial of service (assertion failure and application crash) via vectors related to …
|
CWE-19
Data Processing Errors
|
CVE-2015-8985
|
2024-11-21 11:39 |
2017-03-21 |
|
|
|
|
267736
|
5.9 |
MEDIUM
Network
|
gnu
|
glibc
|
The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash) via a malformed pattern, which trig…
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8984
|
2024-11-21 11:39 |
2017-03-21 |
|
|
|
|
267737
|
8.1 |
HIGH
Network
|
gnu
|
glibc
|
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (applicatio…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-8983
|
2024-11-21 11:39 |
2017-03-21 |
|
|
|
|
267738
|
9.8 |
CRITICAL
Network
|
openinfosecfoundation
|
suricata
|
The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from comparisons, which might allow remote attackers to bypass intrusion-prevention functionality via a crafte…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8954
|
2024-11-21 11:39 |
2017-03-21 |
|
|
|
|
267739
|
9.8 |
CRITICAL
Network
|
podofo_project
|
podofo
|
Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in PoDoFo allows attackers to have unspecified impact via vectors related to m_offsets.size.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8981
|
2024-11-21 11:39 |
2017-03-17 |
|
|
|
|
267740
|
8.1 |
HIGH
Network
|
gnu
|
glibc
|
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary co…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-8982
|
2024-11-21 11:39 |
2017-03-16 |
|
|
|