|
211701
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file.
|
CWE-399
Resource Management Errors
|
CVE-2015-8959
|
2024-11-21 11:39 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211702
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8958
|
2024-11-21 11:39 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211703
|
6.5 |
MEDIUM
Network
|
imagemagick
|
imagemagick
|
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8957
|
2024-11-21 11:39 |
2017-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211704
|
6.4 |
MEDIUM
Physics
|
samsung
|
kies
|
Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.
|
CWE-22
Path Traversal
|
CVE-2015-8780
|
2024-11-21 11:39 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211705
|
6.1 |
MEDIUM
Network
|
opensuse
roundcube
|
leap
opensuse
roundcube_webmail
webmail
|
Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG, a different vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8864
|
2024-11-21 11:39 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211706
|
9.8 |
CRITICAL
Network
|
perforce
oracle
|
jviews
data_integrator
|
Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbitrary Java code that exists in the classpath, such as test code or administration code. The issue e…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8965
|
2024-11-21 11:39 |
2017-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211707
|
5.3 |
MEDIUM
Network
|
xmlsoft
|
libxslt
|
In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed during startup, which could cause usage of this function to produce predictable outputs.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2015-9019
|
2024-11-21 11:39 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211708
|
8.1 |
HIGH
Network
|
freeradius
|
freeradius
|
Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8764
|
2024-11-21 11:39 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211709
|
8.1 |
HIGH
Network
|
freeradius
|
freeradius
|
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2015-8763
|
2024-11-21 11:39 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211710
|
5.9 |
MEDIUM
Network
|
freeradius
|
freeradius
|
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-8762
|
2024-11-21 11:39 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
