|
212611
|
- |
|
mediawiki
|
mediawiki
|
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authen…
|
CWE-284
Improper Access Control
|
CVE-2015-8001
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212612
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
opensuse
hostapd
|
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a lar…
|
CWE-189
Numeric Errors
|
CVE-2015-8041
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212613
|
- |
|
opensuse
bouncycastle
oracle
|
leap
opensuse
bouncy_castle_crypto_package
peoplesoft_enterprise_peopletools
virtual_desktop_infrastructure
enterprise_manager_ops_center
application_testing_suite
|
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic …
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2015-7940
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212614
|
- |
|
login_disable_project
|
login_disable
|
The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly load the user_logout function, which allows remote attackers to bypass the logout protection me…
|
CWE-17
Code
|
CVE-2015-8082
|
2024-11-21 11:37 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212615
|
- |
|
field_as_block_project
|
field_as_block
|
The Field as Block module 7.x-1.x before 7.x-1.4 for Drupal might allow remote attackers to obtain sensitive field information by reading a cached block.
|
CWE-200
Information Exposure
|
CVE-2015-8081
|
2024-11-21 11:37 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212616
|
- |
|
symfony
|
twig
|
The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the _self variable in a template.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7809
|
2024-11-21 11:37 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212617
|
- |
|
openafs
|
openafs
|
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx acknowledgement (ACK) packet, which allows remote attac…
|
CWE-200
Information Exposure
|
CVE-2015-7763
|
2024-11-21 11:37 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212618
|
- |
|
openafs
debian
|
openafs
debian_linux
|
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowledgement (ACK) packet, which allows remote attacke…
|
CWE-200
Information Exposure
|
CVE-2015-7762
|
2024-11-21 11:37 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212619
|
- |
|
canonical
debian
unzip_project
|
ubuntu_linux
debian_linux
unzip
|
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
|
CWE-399
Resource Management Errors
|
CVE-2015-7697
|
2024-11-21 11:37 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212620
|
- |
|
canonical
debian
unzip_project
|
ubuntu_linux
debian_linux
unzip
|
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP arc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7696
|
2024-11-21 11:37 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
