|
212361
|
9.8 |
CRITICAL
Network
|
netapp
|
data_ontap
|
NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8…
|
CWE-287
Improper Authentication
|
CVE-2015-7746
|
2024-11-21 11:37 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212362
|
6.1 |
MEDIUM
Network
|
atutor
|
atutor
|
Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the h parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-7711
|
2024-11-21 11:37 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212363
|
9.8 |
CRITICAL
Network
|
pngcrush_project
|
pngcrush
|
Double-free vulnerability in the sPLT chunk structure and png.c in pngcrush before 1.7.87 allows attackers to have unspecified impact via unknown vectors.
|
CWE-415
Double Free
|
CVE-2015-7700
|
2024-11-21 11:37 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212364
|
6.5 |
MEDIUM
Network
|
samsung
|
samsung_mobile
|
LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7896
|
2024-11-21 11:37 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212365
|
7.5 |
HIGH
Network
|
spi-inc
|
ganeti
|
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.…
|
CWE-200
Information Exposure
|
CVE-2015-7945
|
2024-11-21 11:37 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212366
|
7.5 |
HIGH
Network
|
spi-inc
|
ganeti
|
The RESTful control interface (aka RAPI or ganeti-rapi) in Ganeti before 2.9.7, 2.10.x before 2.10.8, 2.11.x before 2.11.8, 2.12.x before 2.12.6, 2.13.x before 2.13.3, 2.14.x before 2.14.2, and 2.15.…
|
CWE-399
Resource Management Errors
|
CVE-2015-7944
|
2024-11-21 11:37 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212367
|
8.8 |
HIGH
Network
|
samsung
|
galaxy_s6_edge_firmware
|
The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7894
|
2024-11-21 11:37 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212368
|
7.5 |
HIGH
Network
|
netflix
|
lemur
|
Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode.
|
CWE-331
Insufficient Entropy
|
CVE-2015-7764
|
2024-11-21 11:37 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212369
|
9.8 |
CRITICAL
Network
|
ntp
debian
netapp
|
ntp
debian_linux
oncommand_balance
clustered_data_ontap
data_ontap
oncommand_unified_manager
oncommand_performance_manager
|
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
|
CWE-287
Improper Authentication
|
CVE-2015-7871
|
2024-11-21 11:37 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212370
|
6.5 |
MEDIUM
Network
|
ntp
debian
netapp
siemens
|
ntp
debian_linux
oncommand_balance
clustered_data_ontap
data_ontap
oncommand_unified_manager
oncommand_performance_manager
tim_4r-ie_firmware
tim_4r-ie_dnp3_firmware
|
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a l…
|
CWE-20
Improper Input Validation
|
CVE-2015-7855
|
2024-11-21 11:37 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
