|
271931
|
- |
|
google
|
android
|
The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (…
|
CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error')
Numeric Errors
|
CVE-2015-3828
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271932
|
- |
|
google
|
android
|
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remo…
|
CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error')
Numeric Errors
|
CVE-2015-3827
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271933
|
- |
|
google
|
android
|
The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (…
|
CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error')
Numeric Errors
|
CVE-2015-3826
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271934
|
- |
|
google
|
android
|
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbit…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3824
|
2024-11-21 11:29 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271935
|
- |
|
apple
|
iphone_os
safari
|
The document.cookie API implementation in the CFNetwork Cookies subsystem in WebKit in Apple iOS before 9 allows remote attackers to bypass an intended single-cookie restriction via unspecified vecto…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3801
|
2024-11-21 11:29 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271936
|
- |
|
qlik
|
qlikview
|
XML external entity (XXE) vulnerability in QlikTech Qlikview before 11.20 SR12 allows remote attackers to conduct server-side request forgery (SSRF) attacks and read arbitrary files via crafted XML d…
|
NVD-CWE-Other
|
CVE-2015-3623
|
2024-11-21 11:29 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271937
|
- |
|
gnu
canonical
|
gnutls
ubuntu_linux
|
Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution …
|
NVD-CWE-Other
|
CVE-2015-3308
|
2024-11-21 11:29 |
2015-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271938
|
- |
|
linux
|
linux_kernel
|
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of se…
|
CWE-17
Code
|
CVE-2015-3291
|
2024-11-21 11:29 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271939
|
- |
|
linux
|
linux_kernel
|
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform improperly relies on espfix64 during nested NMI processing, which allows local users to gain privileges by triggering…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3290
|
2024-11-21 11:29 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271940
|
- |
|
hp
adobe
|
business_service_management
livecycle_data_services
|
Apache Flex BlazeDS, as used in flex-messaging-core.jar in Adobe LiveCycle Data Services (LCDS) 3.0.x before 3.0.0.354170, 4.5 before 4.5.1.354169, 4.6.2 before 4.6.2.354169, and 4.7 before 4.7.0.354…
|
CWE-200
Information Exposure
|
CVE-2015-3269
|
2024-11-21 11:29 |
2015-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
