|
212321
|
- |
|
djangoproject
|
django
|
The get_format function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7, and 1.9.x before 1.9rc2 might allow remote attackers to obtain sensitive application secrets via …
|
CWE-200
Information Exposure
|
CVE-2015-8213
|
2024-11-21 11:38 |
2015-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212322
|
- |
|
elastic
|
kibana
|
Cross-site request forgery (CSRF) vulnerability in Elasticsearch Kibana before 4.1.3 and 4.2.x before 4.2.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vec…
|
CWE-352
Origin Validation Error
|
CVE-2015-8131
|
2024-11-21 11:38 |
2015-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212323
|
- |
|
sensiolabs
|
symfony
|
Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1) Symfony/Component/Security/Http/…
|
NVD-CWE-noinfo
|
CVE-2015-8125
|
2024-11-21 11:38 |
2015-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212324
|
- |
|
sensiolabs
|
symfony
|
Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 allows remote attackers to hijack web sessions via a sess…
|
NVD-CWE-Other
|
CVE-2015-8124
|
2024-11-21 11:38 |
2015-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212325
|
- |
|
google
|
chrome
|
The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrome before 47.0.2526.73 does not initialize memory for a video-frame data structure, which might allo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8480
|
2024-11-21 11:38 |
2015-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212326
|
- |
|
google
|
chrome
|
Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/audio_output_device.cc in Google Chrome before 47.0.2526.73 allows attackers to cause a denial of ser…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8479
|
2024-11-21 11:38 |
2015-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212327
|
- |
|
google
|
chrome
v8
|
Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.73, allow attackers to cause a denial of service or possibly have other impact via unknow…
|
NVD-CWE-noinfo
|
CVE-2015-8478
|
2024-11-21 11:38 |
2015-12-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212328
|
- |
|
pcre
|
perl_compatible_regular_expression_library
|
PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted regular expression, as demonstrated …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8395
|
2024-11-21 11:38 |
2015-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212329
|
9.8 |
CRITICAL
Network
|
pcre
php
|
perl_compatible_regular_expression_library
php
|
PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact via …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-8394
|
2024-11-21 11:38 |
2015-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212330
|
7.5 |
HIGH
Network
|
pcre
fedoraproject
php
|
perl_compatible_regular_expression_library
fedora
php
|
pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a crafted file, as demonstrated by a CGI script that sen…
|
CWE-200
Information Exposure
|
CVE-2015-8393
|
2024-11-21 11:38 |
2015-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
