|
211741
|
6.5 |
MEDIUM
Network
|
libdwarf_project
|
libdwarf
|
libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8750
|
2024-11-21 11:39 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211742
|
6.1 |
MEDIUM
Network
|
squidguard
|
squidguard
|
Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote attackers to inject arbitrary web script or HTML via a blocked site link.
|
CWE-79
Cross-site Scripting
|
CVE-2015-8936
|
2024-11-21 11:39 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211743
|
8.8 |
HIGH
Network
|
dotclear
|
dotclear
|
Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2 allow remote authenticated users with "manage their own media items" and "manage their own entries…
|
CWE-284
Improper Access Control
|
CVE-2015-8832
|
2024-11-21 11:39 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211744
|
6.1 |
MEDIUM
Network
|
dotclear
|
dotclear
|
Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the author name in a comment.
|
CWE-79
Cross-site Scripting
|
CVE-2015-8831
|
2024-11-21 11:39 |
2017-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211745
|
7.5 |
HIGH
Network
|
mybb
|
mybb
merge_system
|
MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allow remote attackers to obtain the installation path via vectors involving error log files.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2015-8977
|
2024-11-21 11:39 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211746
|
6.1 |
MEDIUM
Network
|
mybb
|
mybb
merge_system
|
Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8976
|
2024-11-21 11:39 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211747
|
6.1 |
MEDIUM
Network
|
mybb
|
mybb
merge_system
|
Cross-site scripting (XSS) vulnerability in the error handler in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 might allow remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8975
|
2024-11-21 11:39 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211748
|
10.0 |
CRITICAL
Network
|
mybb
|
mybb
merge_system
|
SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remo…
|
CWE-89
SQL Injection
|
CVE-2015-8974
|
2024-11-21 11:39 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211749
|
8.3 |
HIGH
Network
|
mybb
|
mybb
merge_system
|
xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 allows remote attackers to bypass intended access restrictions via vectors related to…
|
CWE-284
Improper Access Control
|
CVE-2015-8973
|
2024-11-21 11:39 |
2017-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211750
|
9.8 |
CRITICAL
Network
|
gnu
|
chess
|
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large inp…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8972
|
2024-11-21 11:39 |
2017-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
