|
272421
|
- |
|
google
|
android
|
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23416608.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6599
|
2024-11-21 11:35 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272422
|
- |
|
google
|
android
|
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23306638.
|
CWE-20
Improper Input Validation
|
CVE-2015-6598
|
2024-11-21 11:35 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272423
|
- |
|
google
|
android
|
mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bugs 20731946 and 20719651, a different vulnerability than CVE-2015-7717.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6596
|
2024-11-21 11:35 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272424
|
- |
|
symantec
|
netbackup_opscenter
|
Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBackup OpsCenter before 7.7.1 allows remote authenticated users to inject arbitrary web script or HTML …
|
CWE-79
Cross-site Scripting
|
CVE-2015-6549
|
2024-11-21 11:35 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272425
|
- |
|
google
|
android
|
libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file, as demonstrated by an attack against use of libutils by l…
|
CWE-20
Improper Input Validation
|
CVE-2015-6602
|
2024-11-21 11:35 |
2015-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272426
|
- |
|
google
|
android
|
SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer promotion, which allows remote attackers to execute arbitrary code or cause a denial of service (in…
|
CWE-189
Numeric Errors
|
CVE-2015-6575
|
2024-11-21 11:35 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272427
|
- |
|
openvz
|
vzctl
|
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users …
|
CWE-59
Link Following
|
CVE-2015-6927
|
2024-11-21 11:35 |
2015-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272428
|
- |
|
gnu
|
gnu_screen
|
The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service (stack consumption) via an escape sequenc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6806
|
2024-11-21 11:35 |
2015-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272429
|
- |
|
cubecart
|
cubecart
|
classes/admin.class.php in CubeCart 5.2.12 through 5.2.16 and 6.x before 6.0.7 does not properly validate that a password reset request was made, which allows remote attackers to change the administr…
|
CWE-284
Improper Access Control
|
CVE-2015-6928
|
2024-11-21 11:35 |
2015-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272430
|
- |
|
codewrights
endress\+hauser
|
hart_comm_dtm
|
CodeWrights HART Comm DTM components, as used with Endress+Hauser FieldCare, allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU …
|
NVD-CWE-Other
|
CVE-2015-6463
|
2024-11-21 11:35 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
