|
267791
|
7.8 |
HIGH
Local
|
google
linux
|
android
linux_kernel
|
arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileg…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8967
|
2024-11-21 11:39 |
2016-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267792
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8966
|
2024-11-21 11:39 |
2016-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267793
|
7.4 |
HIGH
Network
|
libtiff
|
libtiff
|
Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process …
|
CWE-20
CWE-190
Improper Input Validation
Integer Overflow or Wraparound
|
CVE-2015-8870
|
2024-11-21 11:39 |
2016-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267794
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local u…
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8970
|
2024-11-21 11:39 |
2016-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267795
|
7.5 |
HIGH
Network
|
soap\
|
\
|
In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, an example attack consists of defining 10 or more XML entities, each defined as consisting of 10 of the previous entity, with th…
|
CWE-399
Resource Management Errors
|
CVE-2015-8978
|
2024-11-21 11:39 |
2016-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267796
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.
|
CWE-200
Information Exposure
|
CVE-2015-8964
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267797
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an sweven…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2015-8963
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267798
|
7.3 |
HIGH
Local
|
linux
|
linux_kernel
|
Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and…
|
CWE-415
Double Free
|
CVE-2015-8962
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267799
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper acc…
|
CWE-416
Use After Free
|
CVE-2015-8961
|
2024-11-21 11:39 |
2016-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267800
|
9.8 |
CRITICAL
Network
|
squareup
|
git-fastclone
|
git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious commands by modifying the strings that are passed as arguments to "cd " and "g…
|
CWE-77
Command Injection
|
CVE-2015-8969
|
2024-11-21 11:39 |
2016-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
