|
271411
|
- |
|
libmspack_project
|
libmspack
|
Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a cr…
|
CWE-189
Numeric Errors
|
CVE-2015-4472
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271412
|
- |
|
libmspack_project
|
libmspack
|
Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer under-read and application crash) via a crafted CAB arc…
|
CWE-189
Numeric Errors
|
CVE-2015-4471
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271413
|
- |
|
libmspack_project
|
libmspack
|
Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CAB archive.
|
CWE-189
Numeric Errors
|
CVE-2015-4470
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271414
|
- |
|
libmspack_project
|
libmspack
|
The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service (buffer over-read and application crash) vi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4469
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271415
|
- |
|
libmspack_project
|
libmspack
|
Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted CH…
|
CWE-189
Numeric Errors
|
CVE-2015-4468
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271416
|
- |
|
libmspack_project
|
libmspack
|
The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of service (divide-by-zero error and app…
|
CWE-189
Numeric Errors
|
CVE-2015-4467
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271417
|
- |
|
zanematthew
|
zm_ajax_login_\&_register
|
Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4465
|
2024-11-21 11:31 |
2015-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271418
|
- |
|
magnifica_webscripts
|
anima_gallery
|
Multiple directory traversal vulnerabilities in func.php in Magnifica Webscripts Anima Gallery 2.6 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) th…
|
CWE-22
Path Traversal
|
CVE-2015-4415
|
2024-11-21 11:31 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271419
|
- |
|
ektron
|
ektron_content_management_system
|
Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/workarea.aspx in Ektron Content Management System (CMS) before 9.10 SP1 (Build 9.1.0.184.1.114) allow remote authenticated users t…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4427
|
2024-11-21 11:31 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271420
|
- |
|
zohocorp
|
manageengine_netflow_analyzer
|
Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a password field, which makes it easier for remote attackers to obtain access by leveraging an unattended…
|
CWE-284
Improper Access Control
|
CVE-2015-4418
|
2024-11-21 11:31 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
