|
271561
|
8.6 |
HIGH
Network
|
netgear
|
wnr1000v3_firmware
wnr1000v3
|
NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the de…
|
NVD-CWE-Other
|
CVE-2015-8263
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271562
|
6.8 |
MEDIUM
Network
|
buffalotech
|
airstation_extreme_n600_firmware
airstation_extreme_n600
|
Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof r…
|
NVD-CWE-Other
|
CVE-2015-8262
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271563
|
5.9 |
MEDIUM
Network
|
rsi_video_technologies
|
frontel_protocol
|
The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity protection, which makes it easier for man-in-the-middle attackers to (1) initiate a false alarm or (2)…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2015-8254
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271564
|
3.7 |
LOW
Network
|
rsi_video_technologies
|
frontel_protocol
|
The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but sends all traffic in cleartext, which allows remote attackers to obtain sensitive (1) message or (…
|
CWE-200
Information Exposure
|
CVE-2015-8253
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271565
|
5.9 |
MEDIUM
Network
|
rsi_video_technologies
|
frontel_protocol
|
The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial number, which allows remote attackers to determine a hardcoded key by sniffing the network and perfo…
|
CWE-200
Information Exposure
|
CVE-2015-8252
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271566
|
5.3 |
MEDIUM
Network
|
phpmyadmin
|
phpmyadmin
|
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, …
|
CWE-200
Information Exposure
|
CVE-2015-8669
|
2024-11-21 11:38 |
2015-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271567
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly h…
|
CWE-189
Numeric Errors
|
CVE-2015-8664
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271568
|
8.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8663
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271569
|
7.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which al…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8662
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271570
|
8.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote at…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8661
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
