|
271151
|
7.5 |
HIGH
Network
|
novell
libarchive
|
suse_linux_enterprise_server
suse_linux_enterprise_desktop
suse_linux_enterprise_software_development_kit
libarchive
|
The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8918
|
2024-11-21 11:39 |
2016-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271152
|
7.5 |
HIGH
Network
|
debian
libarchive
canonical
|
debian_linux
libarchive
ubuntu_linux
|
bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an invalid character in the name of a cab file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8917
|
2024-11-21 11:39 |
2016-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271153
|
6.5 |
MEDIUM
Network
|
canonical
debian
libarchive
|
ubuntu_linux
debian_linux
libarchive
|
bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NU…
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8916
|
2024-11-21 11:39 |
2016-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271154
|
5.5 |
MEDIUM
Local
|
libarchive
|
libarchive
|
bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid read and crash) via crafted cpio file.
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8915
|
2024-11-21 11:39 |
2016-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271155
|
7.5 |
HIGH
Network
|
opensuse
canonical
gnu
|
leap
opensuse
ubuntu_linux
libidn
|
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8948
|
2024-11-21 11:39 |
2016-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271156
|
9.8 |
CRITICAL
Network
|
debian
dbd-mysql_project
|
debian_linux
dbd-mysql
|
Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.
|
CWE-416
Use After Free
|
CVE-2015-8949
|
2024-11-21 11:39 |
2016-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271157
|
6.1 |
MEDIUM
Network
|
php
|
php
|
The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x before 5.6.6 supports deprecated line folding without considering browser compatibility, which allows r…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8935
|
2024-11-21 11:39 |
2016-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271158
|
5.5 |
MEDIUM
Local
|
linux
google
|
linux_kernel
android
|
The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which …
|
CWE-200
Information Exposure
|
CVE-2015-8944
|
2024-11-21 11:39 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271159
|
7.8 |
HIGH
Local
|
google
|
android
|
drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, whic…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8943
|
2024-11-21 11:39 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271160
|
7.8 |
HIGH
Local
|
google
|
android
|
drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8942
|
2024-11-21 11:39 |
2016-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
