|
271371
|
- |
|
wvware
|
libwmf
|
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.
|
NVD-CWE-Other
|
CVE-2015-4696
|
2024-11-21 11:31 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271372
|
- |
|
wvware
|
libwmf
|
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4695
|
2024-11-21 11:31 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271373
|
- |
|
opensuse
wvware
fedoraproject
|
opensuse
libwmf
fedora
|
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length coun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4588
|
2024-11-21 11:31 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271374
|
- |
|
nextendweb
|
facebook_connect
|
Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to in…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4413
|
2024-11-21 11:31 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271375
|
- |
|
audiosharescript
|
audioshare
|
PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config['basedir'] parameter.
|
CWE-94
Code Injection
|
CVE-2015-4726
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271376
|
- |
|
audiosharescript
|
audioshare
|
Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4725
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271377
|
- |
|
alcatel-lucent
|
cellpipe_7130_rg_5ae.m2013_hol_firmware
|
Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL with firmware 1.0.0.20h.HOL allows remote attackers to hijack the authentication of administrators for…
|
CWE-352
Origin Validation Error
|
CVE-2015-4586
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271378
|
- |
|
dream-multimedia-tv
|
dreambox_dm500-s_firmware
|
Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject arbitrary web script or HTML via the mode parameter to /body.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4714
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271379
|
- |
|
apphp
|
hotel_site
|
SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL commands via the pid parameter to index.php.
|
CWE-89
SQL Injection
|
CVE-2015-4713
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271380
|
- |
|
arduino_json_project
|
arduino_json
|
The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote attackers to cause a denial of service (crash) via a JSON string with a \ (backslash) followed by a ter…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4590
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
