CVEs from 2015
Total
7,266
critical
critical 1,306
high
high 1,666
medium
medium 3,617
low
low 554
% Critical
18.0%
% with KEV
0.6%
% with exploit
10.1%
Top vendors
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat 878
- acrobat_reader 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7089 | medium | 6.6 | 6.6 | 11y ago | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerabili… | |||
| CVE-2015-7088 | medium | 6.6 | 6.6 | 11y ago | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerabili… | |||
| CVE-2015-7087 | medium | 6.6 | 6.6 | 11y ago | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerabili… | |||
| CVE-2015-7086 | medium | 6.6 | 6.6 | 11y ago | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerabili… | |||
| CVE-2015-7085 | medium | 6.6 | 6.6 | 11y ago | Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different vulnerabili… | |||
| CVE-2015-6643 | medium | 6.6 | 6.6 | 11y ago | Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka … | |||
| CVE-2015-8328 | medium | — | 6.6 | 11y ago | Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive… | |||
| CVE-2015-7869 | medium | — | 6.6 | 11y ago | Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before … | |||
| CVE-2015-4837 | medium | — | 6.6 | 11y ago | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Utility/Security. | |||
| CVE-2015-6322 | medium | — | 6.6 | 11y ago | The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-… | |||
| CVE-2015-4505 | medium | — | 6.6 | 11y ago | updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local users to write to arbitrary files by conducting a junction attack and waiting for an update operati… | |||
| CVE-2015-2594 | medium | — | 6.6 | 11y ago | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.32, 4.1.40, 4.2.32, and 4.3.30 allows local users to affect confidentiality, integrity… | |||
| CVE-2015-3436 | medium | — | 6.6 | 11y ago | provider/server/ECServer.cpp in Zarafa Collaboration Platform (ZCP) before 7.1.13 and 7.2.x before 7.2.1 allows local users to write to arbitrary files via a symlink attack on /tmp/zarafa-upgrade-loc… | |||
| CVE-2015-0665 | medium | — | 6.6 | 11y ago | The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173. | |||
| CVE-2015-0663 | medium | — | 6.6 | 11y ago | Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages,… | |||
| CVE-2015-4082 | medium | 6.5 | 6.5 | 4y ago | attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers with read and write privileges for the encrypted repository to obtain potentially sensitive informa… | |||
| CVE-2015-7889 | medium | 5.5 | 6.5 | 9y ago | The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service a… | |||
| CVE-2015-8470 | medium | 6.5 | 6.5 | 9y ago | The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not set the secure flag for the JSESSIONID cookie in an HTTPS session, which makes it easier for remote attackers to capture this cook… | |||
| CVE-2015-1239 | medium | 6.5 | 6.5 | 9y ago | Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a craf… | |||
| CVE-2015-5327 | medium | 6.5 | 6.5 | 9y ago | Out-of-bounds memory read in the x509_decode_time function in x509_cert_parser.c in Linux kernels 4.3-rc1 and after. | |||
| CVE-2015-2927 | medium | 6.5 | 6.5 | 9y ago | node 0.3.2 and URONode before 1.0.5r3 allows remote attackers to cause a denial of service (bandwidth consumption). | |||
| CVE-2015-5248 | medium | 6.5 | 6.5 | 9y ago | Reflected file download vulnerability in Red Hat Feedhenry Enterprise Mobile Application Platform. | |||
| CVE-2015-3419 | medium | 6.5 | 6.5 | 9y ago | vBulletin 5.x through 5.1.6 allows remote authenticated users to bypass authorization checks and inject private messages into conversations via vectors related to an input validation failure. | |||
| CVE-2015-0110 | medium | 6.5 | 6.5 | 9y ago | IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka WLE) 7.2.x allow remote authenticated users to bypass intended access restrictions on internal servi… | |||
| CVE-2015-5695 | medium | 6.5 | 6.5 | 9y ago | Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per domain, and Records per RecordSet quotas when processing an internal zone file transfer, which might… | |||
| CVE-2015-0783 | medium | 6.5 | 6.5 | 9y ago | The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable. | |||
| CVE-2015-7850 | medium | 6.5 | 6.5 | 9y ago | ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file. | |||
| CVE-2015-7702 | medium | 6.5 | 6.5 | 9y ago | The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomple… | |||
| CVE-2015-0194 | medium | 6.5 | 6.5 | 9y ago | XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data. | |||
| CVE-2015-5187 | medium | 6.5 | 6.5 | 9y ago | Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statements as a result of excessive web traffic. | |||
| CVE-2015-4463 | medium | 6.5 | 6.5 | 9y ago | The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL. | |||
| CVE-2015-4462 | medium | 6.5 | 6.5 | 9y ago | Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5 allows remote authenticated users to read arbitrary files via a full pathname in the "Upload file fro… | |||
| CVE-2015-7898 | medium | 5.5 | 6.5 | 9y ago | Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |||
| CVE-2015-7895 | medium | 5.5 | 6.5 | 9y ago | Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |||
| CVE-2015-7780 | medium | 6.5 | 6.5 | 9y ago | Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0. | |||
| CVE-2015-3254 | medium | 6.5 | 6.5 | 9y ago | The client libraries in Apache Thrift before 0.9.3 might allow remote authenticated users to cause a denial of service (infinite recursion) via vectors involving the skip function. | |||
| CVE-2015-8538 | medium | 6.5 | 6.5 | 9y ago | dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV). | |||
| CVE-2015-7514 | medium | 6.5 | 6.5 | 9y ago | OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information. | |||
| CVE-2015-3830 | medium | 6.5 | 6.5 | 9y ago | The stock Android browser address bar in all Android operating systems suffers from Address Bar Spoofing, which allows remote attackers to trick a victim by displaying a malicious page for legitimate… | |||
| CVE-2015-1207 | medium | 6.5 | 6.5 | 9y ago | Double-free vulnerability in libavformat/mov.c in FFMPEG in Google Chrome 41.0.2251.0 allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted .m4a file. | |||
| CVE-2015-1834 | medium | 6.5 | 6.5 | 9y ago | A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior t… | |||
| CVE-2015-5382 | medium | 6.5 | 6.5 | 9y ago | program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via the _alt parameter when uploading a vCard. | |||
| CVE-2015-8959 | medium | 6.5 | 6.5 | 9y ago | coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (CPU consumption) via a crafted DDS file. | |||
| CVE-2015-8958 | medium | 6.5 | 6.5 | 9y ago | coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file. | |||
| CVE-2015-8957 | medium | 6.5 | 6.5 | 9y ago | Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file. | |||
| CVE-2015-8345 | medium | 6.5 | 6.5 | 9y ago | The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (application crash and infinite loop) via vectors involving the command block list. | |||
| CVE-2015-8272 | medium | 6.5 | 6.5 | 9y ago | RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash). | |||
| CVE-2015-8613 | medium | 6.5 | 6.5 | 9y ago | Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI MegaRAID SAS HBA emulation support, allows local guest users to cause a denial of service (QEMU instanc… | |||
| CVE-2015-8568 | medium | 6.5 | 6.5 | 9y ago | Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local guest users to cause a denial of service (host memory consumption) by trying to activate the vmxne… | |||
| CVE-2015-8504 | medium | 6.5 | 6.5 | 9y ago | Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of service (arithmetic exception and application crash) via crafted SetPixelFormat messages from a client. | |||
| CVE-2015-8670 | medium | 6.5 | 6.5 | 9y ago | Huawei LogCenter V100R001C10 could allow an authenticated attacker to add abnormal device information to the log collection module, causing denial of service. | |||
| CVE-2015-8896 | medium | 6.5 | 6.5 | 9y ago | Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file. | |||
| CVE-2015-4409 | medium | 6.5 | 6.5 | 9y ago | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request… | |||
| CVE-2015-4408 | medium | 6.5 | 6.5 | 9y ago | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request… | |||
| CVE-2015-4407 | medium | 6.5 | 6.5 | 9y ago | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote authenticated users to cause a denial of service (service interruption) via a crafted HTTP request… | |||
| CVE-2015-8903 | medium | 6.5 | 6.5 | 9y ago | The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted VICAR file. | |||
| CVE-2015-8902 | medium | 6.5 | 6.5 | 9y ago | The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted PDB file. | |||
| CVE-2015-8901 | medium | 6.5 | 6.5 | 9y ago | ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite loop) via a crafted MIFF file. | |||
| CVE-2015-8750 | medium | 6.5 | 6.5 | 9y ago | libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file. | |||
| CVE-2015-7973 | medium | 6.5 | 6.5 | 10y ago | NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network. | |||
| CVE-2015-7743 | medium | 6.5 | 6.5 | 10y ago | XML external entity vulnerability in PRTG Network Monitor before 16.2.23.3077/3078 allows remote authenticated users to read arbitrary files by creating a new HTTP XML/REST Value sensor that accesses… | |||
| CVE-2015-8701 | medium | 6.5 | 6.5 | 10y ago | QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-one error. It happens while processing transmit (tx) descriptors in 'tx_consume' routine, if a desc… | |||
| CVE-2015-8786 | medium | 6.5 | 6.5 | 10y ago | The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privileges to cause a denial of service (resource consumption) via the (1) lengths_age or (2) lengths_inc… | |||
| CVE-2015-8923 | medium | 6.5 | 6.5 | 10y ago | The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file. | |||
| CVE-2015-8916 | medium | 6.5 | 6.5 | 10y ago | bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NU… | |||
| CVE-2015-4598 | medium | 6.5 | 6.5 | 10y ago | PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted i… | |||
| CVE-2015-3411 | medium | 6.5 | 6.5 | 10y ago | PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted in… | |||
| CVE-2015-8530 | medium | 6.5 | 6.5 | 10y ago | Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics 19 and 20 before 20.0.0.2-IF0008, 21 before 21.0.0.2-IF0010, 22 before 22.0.0.2-IF0011, 23 before 2… | |||
| CVE-2015-5479 | medium | 6.5 | 6.5 | 10y ago | The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a file with craft… | |||
| CVE-2015-8677 | medium | 6.5 | 6.5 | 10y ago | Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V200R003C00 before V200R003SPH011 and V200R005C00 before V200R005SPH008; S2350EI and S5300LI Campus s… | |||
| CVE-2015-5247 | medium | 6.5 | 6.5 | 10y ago | The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unl… | |||
| CVE-2015-8784 | medium | 6.5 | 6.5 | 10y ago | The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif. | |||
| CVE-2015-1547 | medium | 6.5 | 6.5 | 10y ago | The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif. | |||
| CVE-2015-8553 | medium | 6.5 | 6.5 | 10y ago | Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS kernel memory by not enabling memory and I/O decoding control bits. NOTE: this vulnerability exists … | |||
| CVE-2015-5167 | medium | 6.5 | 6.5 | 10y ago | Apache Ranger allows users to bypass intended access restrictions via the REST API | |||
| CVE-2015-2286 | medium | 6.5 | 6.5 | 10y ago | lms/templates/footer-edx-new.html in Open edX edx-platform before 2015-01-29 does not properly restrict links on the password-reset page, which allows user-assisted remote attackers to discover passw… | |||
| CVE-2015-7560 | medium | 6.5 | 6.5 | 10y ago | The SMB1 implementation in smbd in Samba 3.x and 4.x before 4.1.23, 4.2.x before 4.2.9, 4.3.x before 4.3.6, and 4.4.x before 4.4.0rc4 allows remote authenticated users to modify arbitrary ACLs by usi… | |||
| CVE-2015-8489 | medium | 6.5 | 6.5 | 10y ago | customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-… | |||
| CVE-2015-8631 | medium | 6.5 | 6.5 | 10y ago | Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before 1.13.4 and 1.14.x before 1.14.1 allow remote authenticated users to cause a denial of service (mem… | |||
| CVE-2015-7675 | medium | 6.5 | 6.5 | 10y ago | The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2 allow remote authenticated users to bypass authorization and read uploaded files via a valid FileID i… | |||
| CVE-2015-7513 | medium | 6.5 | 6.5 | 11y ago | arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and ho… | |||
| CVE-2015-7916 | medium | 6.5 | 6.5 | 11y ago | Cross-site scripting (XSS) vulnerability in Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query. | |||
| CVE-2015-8783 | medium | 6.5 | 6.5 | 11y ago | tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image. | |||
| CVE-2015-8782 | medium | 6.5 | 6.5 | 11y ago | tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781. | |||
| CVE-2015-8781 | medium | 6.5 | 6.5 | 11y ago | tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE… | |||
| CVE-2015-8794 | medium | 6.5 | 6.5 | 11y ago | Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0.6 and 1.1.x before 1.1.2 allows remote authenticated users to read arbitrary files via a full path… | |||
| CVE-2015-6317 | medium | 6.5 | 6.5 | 11y ago | Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended web-resource access restrictions via a direct request, aka Bug ID CSCuu45926. | |||
| CVE-2015-4925 | medium | — | 6.5 | 11y ago | Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown ve… | |||
| CVE-2015-8704 | medium | 6.5 | 6.5 | 11y ago | apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authenticated users to cause a denial of service (INSIST assertion failure and daemon exit) via a malformed … | |||
| CVE-2015-8605 | medium | 6.5 | 6.5 | 11y ago | ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to cause a denial of service (application crash) via an invalid length field in a UDP IPv4 packet. | |||
| CVE-2015-8335 | medium | 6.5 | 6.5 | 11y ago | Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading… | |||
| CVE-2015-6433 | medium | 6.5 | 6.5 | 11y ago | SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767. | |||
| CVE-2015-5434 | medium | 6.5 | 6.5 | 11y ago | HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and fo… | |||
| CVE-2015-8739 | medium | 5.5 | 6.5 | 11y ago | The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cau… | |||
| CVE-2015-8736 | medium | 5.5 | 6.5 | 11y ago | The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of ser… | |||
| CVE-2015-8735 | medium | 5.5 | 6.5 | 11y ago | The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote att… | |||
| CVE-2015-8733 | medium | 5.5 | 6.5 | 11y ago | The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record len… | |||
| CVE-2015-8732 | medium | 5.5 | 6.5 | 11y ago | The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate t… | |||
| CVE-2015-8731 | medium | 5.5 | 6.5 | 11y ago | The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remo… | |||
| CVE-2015-8730 | medium | 5.5 | 6.5 | 11y ago | epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of … |