|
211731
|
8.8 |
HIGH
Network
|
umbraco
|
umbraco
|
Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the …
|
CWE-352
Origin Validation Error
|
CVE-2015-8814
|
2024-11-21 11:39 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211732
|
8.2 |
HIGH
Network
|
umbraco
|
umbraco
|
The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks vi…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2015-8813
|
2024-11-21 11:39 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211733
|
7.5 |
HIGH
Network
|
php
|
php
|
An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a n…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8994
|
2024-11-21 11:39 |
2017-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211734
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2015-8903
|
2024-11-21 11:39 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211735
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2015-8902
|
2024-11-21 11:39 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211736
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2015-8901
|
2024-11-21 11:39 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211737
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to cause a denial of service (infinite loop) via a crafted HDR file.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2015-8900
|
2024-11-21 11:39 |
2017-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211738
|
7.5 |
HIGH
Network
|
debian
dicom
|
debian_linux
dcmtk
|
Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8979
|
2024-11-21 11:39 |
2017-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211739
|
9.8 |
CRITICAL
Network
|
gosa_project
|
gosa_plugin
|
The generate_smb_nt_hash function in include/functions.inc in GOsa allows remote attackers to execute arbitrary commands via a crafted password.
|
CWE-94
Code Injection
|
CVE-2015-8771
|
2024-11-21 11:39 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211740
|
9.8 |
CRITICAL
Network
|
click_project
canonical
|
click
ubuntu_linux
|
click/install.py in click does not require files in package filesystem tarballs to start with ./ (dot slash), which allows remote attackers to install an alternate security policy and gain privileges…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8768
|
2024-11-21 11:39 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
