|
275751
|
- |
|
oracle
wireshark
|
solaris
linux
wireshark
|
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a…
|
CWE-17
Code
|
CVE-2015-3811
|
2024-11-21 11:29 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275752
|
- |
|
wireshark
|
wireshark
|
epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption…
|
CWE-399
Resource Management Errors
|
CVE-2015-3810
|
2024-11-21 11:29 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275753
|
- |
|
wireshark
|
wireshark
|
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to ca…
|
CWE-189
Numeric Errors
|
CVE-2015-3809
|
2024-11-21 11:29 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275754
|
- |
|
wireshark
|
wireshark
|
The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial …
|
CWE-189
Numeric Errors
|
CVE-2015-3808
|
2024-11-21 11:29 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275755
|
- |
|
wppa.opajaap
|
wp-photo-album-plus
|
Multiple cross-site scripting (XSS) vulnerabilities in wppa-ajax-front.php in the WP Photo Album Plus (aka WPPA) plugin before 6.1.3 for WordPress allow remote attackers to inject arbitrary web scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3647
|
2024-11-21 11:29 |
2015-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275756
|
- |
|
module-signature_project
canonical
|
module-signature
ubuntu_linux
|
Untrusted search path vulnerability in Module::Signature before 0.75 allows local users to gain privileges via a Trojan horse module under the current working directory, as demonstrated by a Trojan h…
|
NVD-CWE-Other
|
CVE-2015-3409
|
2024-11-21 11:29 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275757
|
- |
|
module-signature_project
canonical
|
module-signature
ubuntu_linux
|
Module::Signature before 0.74 allows remote attackers to execute arbitrary shell commands via a crafted SIGNATURE file which is not properly handled when generating checksums from a signed manifest.
|
CWE-77
Command Injection
|
CVE-2015-3408
|
2024-11-21 11:29 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275758
|
- |
|
canonical
module-signature_project
|
ubuntu_linux
module-signature
|
Module::Signature before 0.74 allows remote attackers to bypass signature verification for files via a signature file that does not list the files.
|
CWE-284
Improper Access Control
|
CVE-2015-3407
|
2024-11-21 11:29 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275759
|
- |
|
docker
|
docker
|
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3631
|
2024-11-21 11:29 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275760
|
- |
|
docker
|
docker
|
Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3630
|
2024-11-21 11:29 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
