|
276951
|
- |
|
google
|
chrome
|
object-observe.js in Google V8, as used in Google Chrome before 45.0.2454.101, does not properly restrict method calls on access-checked objects, which allows remote attackers to bypass the Same Orig…
|
CWE-284
Improper Access Control
|
CVE-2015-1304
|
2024-11-21 11:25 |
2015-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276952
|
- |
|
google
|
chrome
|
bindings/core/v8/V8DOMWrapper.h in Blink, as used in Google Chrome before 45.0.2454.101, does not perform a rethrow action to propagate information about a cross-context exception, which allows remot…
|
CWE-20
Improper Input Validation
|
CVE-2015-1303
|
2024-11-21 11:25 |
2015-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276953
|
- |
|
simpestreams_project
canonical
|
simplestreams
ubuntu_linux
|
Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (ak…
|
CWE-20
Improper Input Validation
|
CVE-2015-1337
|
2024-11-21 11:25 |
2015-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276954
|
- |
|
apport_project
canonical
|
apport
ubuntu_linux
|
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.lo…
|
CWE-59
Link Following
|
CVE-2015-1338
|
2024-11-21 11:25 |
2015-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276955
|
- |
|
linuxcontainers
canonical
|
lxc
ubuntu_linux
|
lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows local container administrators to escape AppArmor confinement via a symlink attack on a (1) mount target or (2) bind mount source.
|
CWE-59
Link Following
|
CVE-2015-1335
|
2024-11-21 11:25 |
2015-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276956
|
- |
|
google
|
android
|
The AppWidgetServiceImpl implementation in com/android/server/appwidget/AppWidgetServiceImpl.java in the Settings application in Android before 5.1.1 LMY48I allows attackers to obtain a URI permissio…
|
CWE-284
Improper Access Control
|
CVE-2015-1541
|
2024-11-21 11:25 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276957
|
- |
|
google
|
android
|
Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via crafted ESDS atom…
|
CWE-189
Numeric Errors
|
CVE-2015-1539
|
2024-11-21 11:25 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276958
|
- |
|
google
|
android
|
Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted …
|
CWE-189
Numeric Errors
|
CVE-2015-1538
|
2024-11-21 11:25 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276959
|
- |
|
google
|
android
|
Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service (system_server crash) or …
|
CWE-189
Numeric Errors
|
CVE-2015-1536
|
2024-11-21 11:25 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276960
|
- |
|
google
|
android
|
Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of …
|
CWE-189
Numeric Errors
|
CVE-2015-1528
|
2024-11-21 11:25 |
2015-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
