|
270801
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_search) component in TYPO3 6.2.x before 6.2.16 allows remote authenticated editors to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8756
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270802
|
5.4 |
MEDIUM
Network
|
typo3
|
typo3
|
Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x before 6.2.16 and 7.x before 7.6.1 allow remote authenticated editors to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8755
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270803
|
7.5 |
HIGH
Network
|
acquia
|
mollom
|
The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8754
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270804
|
9.1 |
CRITICAL
Network
|
sap
|
afaria
|
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8753
|
2024-11-21 11:39 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270805
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause…
|
CWE-20
Improper Input Validation
|
CVE-2015-8742
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270806
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to caus…
|
CWE-20
Improper Input Validation
|
CVE-2015-8741
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270807
|
5.3 |
MEDIUM
Adjacent
|
wireshark
|
wireshark
|
The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers…
|
CWE-20
Improper Input Validation
|
CVE-2015-8740
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270808
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cau…
|
CWE-20
Improper Input Validation
|
CVE-2015-8739
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270809
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, w…
|
CWE-20
Improper Input Validation
|
CVE-2015-8738
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270810
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service (divide-by-…
|
CWE-20
Improper Input Validation
|
CVE-2015-8737
|
2024-11-21 11:39 |
2016-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
