|
280081
|
9.8 |
CRITICAL
Network
|
php
|
php
|
The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows…
|
CWE-20
Improper Input Validation
|
CVE-2015-5589
|
2024-11-21 11:33 |
2016-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280082
|
7.5 |
HIGH
Network
|
botan_project
debian
|
botan
debian_linux
|
The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, related to a length field.
|
CWE-399
Resource Management Errors
|
CVE-2015-5727
|
2024-11-21 11:33 |
2016-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280083
|
7.5 |
HIGH
Network
|
botan_project
debian
|
botan
debian_linux
|
The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to cause a denial of service (application crash) via an empty BIT STRING in ASN.1 data.
|
CWE-20
Improper Input Validation
|
CVE-2015-5726
|
2024-11-21 11:33 |
2016-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280084
|
6.5 |
MEDIUM
Network
|
ubuntu
libav
opensuse
|
ubuntu
libav
leap
|
The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with craft…
|
CWE-189
Numeric Errors
|
CVE-2015-5479
|
2024-11-21 11:33 |
2016-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280085
|
7.5 |
HIGH
Network
|
f5
|
big-iq_application_delivery_controller
big-ip_local_traffic_manager
big-ip_access_policy_manager
big-ip_edge_gateway
big-ip_application_security_manager
big-iq_security
big-ip_wan_o…
|
Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x before 10.2.4 HF13, 11.x before 11.2.1 HF15, 11.3.x, 11.4.x, 11.5.x before 11.5.3 HF2, and 11.6.x b…
|
CWE-399
Resource Management Errors
|
CVE-2015-5516
|
2024-11-21 11:33 |
2016-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280086
|
7.3 |
HIGH
Network
|
php
|
php
|
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of servic…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5590
|
2024-11-21 11:33 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280087
|
5.3 |
MEDIUM
Network
|
swim_team_project
|
swim_team
|
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file par…
|
CWE-22
Path Traversal
|
CVE-2015-5471
|
2024-11-21 11:33 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280088
|
5.4 |
MEDIUM
Network
|
hp
|
storeonce_backup_system_software
|
Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5447
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280089
|
7.5 |
HIGH
Adjacent
|
hp
|
storeonce_backup_system_software
|
HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-5446
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280090
|
8.8 |
HIGH
Network
|
hp
|
storeonce_backup_system_software
|
Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown …
|
CWE-352
Origin Validation Error
|
CVE-2015-5445
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
