|
268381
|
- |
|
mayo_project
|
mayo
|
Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2015-8233
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268382
|
- |
|
uc_profile_project
|
uc_profile
|
The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from th…
|
CWE-200
Information Exposure
|
CVE-2015-8232
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268383
|
- |
|
canonical
|
ubuntu_linux
|
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8222
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268384
|
- |
|
google
|
picasa
|
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
|
CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error')
Numeric Errors
|
CVE-2015-8221
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268385
|
- |
|
solarwinds
|
dameware_mini_remote_control
|
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8220
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268386
|
- |
|
ffmpeg
|
ffmpeg
|
The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-value and maximum-value constraints on tile coordinates, which allows remote attackers to cause a de…
|
CWE-20
Improper Input Validation
|
CVE-2015-8219
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268387
|
- |
|
ffmpeg
|
ffmpeg
|
The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate uncompressed runs, which allows remote attackers to cause a denial of service (out-of-bounds array a…
|
CWE-20
Improper Input Validation
|
CVE-2015-8218
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268388
|
- |
|
ffmpeg
|
ffmpeg
|
The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the Chroma Format Indicator, which allows remote attackers to cause a denial of service (out-of-bounds …
|
CWE-20
Improper Input Validation
|
CVE-2015-8217
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268389
|
- |
|
ffmpeg
|
ffmpeg
|
The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain width and height checks, which allows remote attackers to cause a denial of service (out-of-bounds arr…
|
CWE-17
Code
|
CVE-2015-8216
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268390
|
- |
|
linux
|
linux_kernel
|
net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packe…
|
CWE-20
Improper Input Validation
|
CVE-2015-8215
|
2024-11-21 11:38 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
