|
271681
|
7.5 |
HIGH
Network
|
netapp
|
snapdrive
|
NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-8544
|
2024-11-21 11:38 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271682
|
8.8 |
HIGH
Network
|
netapp
|
data_ontap
|
NetApp OnCommand System Manager 8.3.x before 8.3.2 allows remote authenticated users to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-8322
|
2024-11-21 11:38 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271683
|
9.8 |
CRITICAL
Network
|
perl
|
perl
|
The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denial of service (out-of-bounds read) and possibly execute arbitrary code via a crafted (1) drive lette…
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8608
|
2024-11-21 11:38 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271684
|
5.9 |
MEDIUM
Network
|
ntp
|
ntp
|
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
|
NVD-CWE-Other
|
CVE-2015-8158
|
2024-11-21 11:38 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271685
|
4.8 |
MEDIUM
Network
|
ntp
|
ntp
|
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
|
CWE-284
Improper Access Control
|
CVE-2015-8140
|
2024-11-21 11:38 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271686
|
5.3 |
MEDIUM
Network
|
ntp
|
ntp
|
ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2015-8139
|
2024-11-21 11:38 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271687
|
5.3 |
MEDIUM
Network
|
ntp
|
ntp
|
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
|
CWE-20
Improper Input Validation
|
CVE-2015-8138
|
2024-11-21 11:38 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271688
|
7.5 |
HIGH
Network
|
vercel
|
ms
|
The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumption) via a long version string, aka a "regular expression denial of service (ReDoS)."
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2015-8315
|
2024-11-21 11:38 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271689
|
9.8 |
CRITICAL
Network
|
netbsd
|
netbsd
|
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware pr…
|
CWE-20
Improper Input Validation
|
CVE-2015-8212
|
2024-11-21 11:38 |
2017-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271690
|
6.1 |
MEDIUM
Network
|
exponentcms
|
exponent_cms
|
Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspe…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8684
|
2024-11-21 11:38 |
2017-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
