|
277191
|
7.8 |
HIGH
Local
|
google
|
android
|
media/libmedia/IAudioPolicyService.cpp in Android before 5.1 allows attackers to execute arbitrary code with media_server privileges or cause a denial of service (integer overflow) via a crafted appl…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-1530
|
2024-11-21 11:25 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277192
|
5.5 |
MEDIUM
Local
|
google
|
android
|
audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address.
|
CWE-20
Improper Input Validation
|
CVE-2015-1525
|
2024-11-21 11:25 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277193
|
7.5 |
HIGH
Network
|
gnu
debian
|
patch
debian_linux
|
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an in…
|
CWE-22
Path Traversal
|
CVE-2015-1396
|
2024-11-21 11:25 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277194
|
5.5 |
MEDIUM
Local
|
gnupg
canonical
|
gnupg
ubuntu_linux
|
kbx/keybox-search.c in GnuPG before 1.4.19, 2.0.x before 2.0.27, and 2.1.x before 2.1.2 does not properly handle bitwise left-shifts, which allows remote attackers to cause a denial of service (inval…
|
CWE-20
Improper Input Validation
|
CVE-2015-1607
|
2024-11-21 11:25 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277195
|
5.5 |
MEDIUM
Local
|
gnupg
debian
|
gnupg
debian_linux
|
The keyring DB in GnuPG before 2.1.2 does not properly handle invalid packets, which allows remote attackers to cause a denial of service (invalid read and use-after-free) via a crafted keyring file.
|
CWE-416
Use After Free
|
CVE-2015-1606
|
2024-11-21 11:25 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277196
|
5.3 |
MEDIUM
Network
|
canonical
|
ubuntu_linux
|
All versions of unity-scope-gdrive logs search terms to syslog.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2015-1343
|
2024-11-21 11:25 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277197
|
7.8 |
HIGH
Local
|
canonical
|
ubuntu_linux
apport
|
Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1341
|
2024-11-21 11:25 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277198
|
8.1 |
HIGH
Network
|
linuxcontainers
|
lxd
|
LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause a…
|
CWE-362
Race Condition
|
CVE-2015-1340
|
2024-11-21 11:25 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277199
|
7.8 |
HIGH
Local
|
canonical
|
ubuntu_linux
|
Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transf…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1327
|
2024-11-21 11:25 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277200
|
8.8 |
HIGH
Network
|
python-dbusmock_project
|
python-dbusmock
|
python-dbusmock before version 0.15.1 AddTemplate() D-Bus method call or DBusTestCase.spawn_server_template() method could be tricked into executing malicious code if an attacker supplies a .pyc file.
|
CWE-20
Improper Input Validation
|
CVE-2015-1326
|
2024-11-21 11:25 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
