|
212151
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly h…
|
CWE-189
Numeric Errors
|
CVE-2015-8664
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212152
|
8.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height values after a failure, which allows remote attackers to cause a denial of service (out-of-bounds ar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8663
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212153
|
7.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which al…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8662
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212154
|
8.3 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not validate the relationship between the number of threads and the number of slices, which allows remote at…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8661
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212155
|
10.0 |
CRITICAL
Network
|
dovestones
|
ad_self_password_reset
|
The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self Password Reset before 3.0.4.0 allows remote attackers to reset arbitrary passwords …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8267
|
2024-11-21 11:38 |
2015-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212156
|
6.8 |
MEDIUM
Network
|
isc
|
kea
|
The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings are used, allow remote attackers to cause a denial of service (daemon crash) via a malformed packe…
|
CWE-20
Improper Input Validation
|
CVE-2015-8373
|
2024-11-21 11:38 |
2015-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212157
|
- |
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Rea…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-8458
|
2024-11-21 11:38 |
2015-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212158
|
- |
|
token_insert_entity_project
|
token_insert_entity
|
The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions, which allows remote authenticated users with certain permissions to bypass intended access restri…
|
CWE-200
Information Exposure
|
CVE-2015-8602
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212159
|
- |
|
chat_room_project
|
chat_room
|
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restr…
|
CWE-200
Information Exposure
|
CVE-2015-8601
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212160
|
- |
|
sap
|
mobile_platform
|
The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8600
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
