| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2015-8000 | db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to... | S | |
| CVE-2015-8001 | The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x bef... | S | |
| CVE-2015-8002 | The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x bef... | S | |
| CVE-2015-8003 | MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uplo... | S | |
| CVE-2015-8004 | MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict ... | S | |
| CVE-2015-8005 | MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMag... | S | |
| CVE-2015-8006 | Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension for M... | S | |
| CVE-2015-8007 | The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows... | S | |
| CVE-2015-8008 | The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/i... | S | |
| CVE-2015-8009 | The MWOAuthDataStore::lookup_token function in Extension:OAuth for MediaWiki 1.25.x before 1.25.3, 1... | E | |
| CVE-2015-8010 | Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination f... | S | |
| CVE-2015-8011 | Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows ... | S | |
| CVE-2015-8012 | lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemo... | S | |
| CVE-2015-8013 | s2k.js in OpenPGP.js will decrypt arbitrary messages regardless of passphrase for crafted PGP keys w... | S | |
| CVE-2015-8019 | The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and... | | |
| CVE-2015-8020 | Clustered Data ONTAP versions 8.0, 8.3.1, and 8.3.2 contain a default privileged account which under... | S | |
| CVE-2015-8021 | Incomplete blacklist vulnerability in the Configuration utility in F5 BIG-IP LTM, Analytics, APM, AS... | | |
| CVE-2015-8022 | The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x befor... | | |
| CVE-2015-8023 | The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.... | | |
| CVE-2015-8024 | McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enter... | | |
| CVE-2015-8025 | driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency chec... | E | |
| CVE-2015-8026 | Heap-based buffer overflow in the verify_vbr_checksum function in exfatfsck in exfat-utils before 1.... | S | |
| CVE-2015-8027 | Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availabilit... | | |
| CVE-2015-8028 | Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) allow remote attackers to execute... | | |
| CVE-2015-8029 | SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafte... | | |
| CVE-2015-8030 | SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafte... | | |
| CVE-2015-8031 | Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2 allows XXE attacks.... | E | |
| CVE-2015-8032 | In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.... | S | |
| CVE-2015-8033 | In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.... | S | |
| CVE-2015-8034 | The state.sls function in Salt before 2015.8.3 uses weak permissions on the cache data, which allows... | | |
| CVE-2015-8035 | The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, whic... | E | |
| CVE-2015-8036 | Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.... | | |
| CVE-2015-8037 | Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortine... | | |
| CVE-2015-8038 | Multiple cross-site scripting (XSS) vulnerabilities in the Graphical User Interface (GUI) in Fortine... | | |
| CVE-2015-8039 | Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified vectors to the... | | |
| CVE-2015-8040 | The rtsp_getdlsendtime method in the CNC_Ctrl control in Samsung SmartViewer allows remote attackers... | | |
| CVE-2015-8041 | Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before... | | |
| CVE-2015-8042 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on W... | S | |
| CVE-2015-8043 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on W... | S | |
| CVE-2015-8044 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on W... | S | |
| CVE-2015-8045 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8046 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on W... | E S | |
| CVE-2015-8047 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8048 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8049 | Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.... | S | |
| CVE-2015-8050 | Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.... | S | |
| CVE-2015-8051 | The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown imp... | S | |
| CVE-2015-8052 | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Updat... | S | |
| CVE-2015-8053 | Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Updat... | S | |
| CVE-2015-8054 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8055 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8056 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8057 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8058 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8059 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8060 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8061 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8062 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8063 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8064 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8065 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8066 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8067 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8068 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8069 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8070 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8071 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8072 | mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote a... | | |
| CVE-2015-8073 | mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X allows remote attackers to execute arbitrary ... | | |
| CVE-2015-8074 | mediaserver in Android before 5.1.1 LMY48X allows remote attackers to obtain sensitive information, ... | | |
| CVE-2015-8075 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2015-8076 | The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x... | | |
| CVE-2015-8077 | Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.... | | |
| CVE-2015-8078 | Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.... | | |
| CVE-2015-8079 | qt5-qtwebkit before 5.4 records private browsing URLs to its favicon database, WebpageIcons.db.... | | |
| CVE-2015-8080 | Integer overflow in the getnum function in lua_struct.c in Redis 2.8.x before 2.8.24 and 3.0.x befor... | E S | |
| CVE-2015-8081 | The Field as Block module 7.x-1.x before 7.x-1.4 for Drupal might allow remote attackers to obtain s... | S | |
| CVE-2015-8082 | The Login Disable module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not prope... | S | |
| CVE-2015-8083 | An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways... | | |
| CVE-2015-8084 | Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R00... | | |
| CVE-2015-8085 | Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before... | | |
| CVE-2015-8086 | Huawei AR routers with software before V200R007C00SPC100; Quidway S9300 routers with software before... | | |
| CVE-2015-8087 | Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E and N... | | |
| CVE-2015-8088 | Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before ... | | |
| CVE-2015-8089 | The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C0... | | |
| CVE-2015-8090 | The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users to g... | | |
| CVE-2015-8091 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8094 | Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users ... | E S | |
| CVE-2015-8095 | The recycle bin feature in the Monster Menus module 7.x-1.21 before 7.x-1.24 for Drupal does not pro... | S | |
| CVE-2015-8096 | Integer overflow in Google Picasa 3.9.140 Build 239 and Build 248 allows remote attackers to execute... | | |
| CVE-2015-8098 | F5 BIG-IP APM 11.4.1 before 11.4.1 HF9, 11.5.x before 11.5.3, and 11.6.0 before 11.6.0 HF4 allow rem... | | |
| CVE-2015-8099 | F5 BIG-IP LTM, AFM, Analytics, APM, ASM, Link Controller, and PEM 11.3.x, 11.4.x before 11.4.1 HF10,... | | |
| CVE-2015-8100 | The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local... | | |
| CVE-2015-8103 | The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to ... | E | |
| CVE-2015-8104 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS us... | S | |
| CVE-2015-8105 | Cross-site scripting (XSS) vulnerability in program/js/app.js in Roundcube webmail before 1.0.7 and ... | | |
| CVE-2015-8106 | Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allow... | | |
| CVE-2015-8107 | Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.... | | |
| CVE-2015-8108 | The management interface in LenovoEMC EZ Media & Backup (hm3), ix2/ix2-dl, ix4-300d, px12-400r/450r,... | | |
| CVE-2015-8109 | Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to ga... | E | |
| CVE-2015-8110 | Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to ga... | E | |
| CVE-2015-8113 | Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before ... | | |
| CVE-2015-8114 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8115 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8116 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8117 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8118 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8119 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8120 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8121 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8122 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8123 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8124 | Session fixation vulnerability in the "Remember Me" login feature in Symfony 2.3.x before 2.3.35, 2.... | | |
| CVE-2015-8125 | Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attacker... | S | |
| CVE-2015-8126 | Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.... | S | |
| CVE-2015-8131 | Cross-site request forgery (CSRF) vulnerability in Elasticsearch Kibana before 4.1.3 and 4.2.x befor... | | |
| CVE-2015-8132 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7263. Reason: This candidate... | R | |
| CVE-2015-8133 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7264. Reason: This candidate... | R | |
| CVE-2015-8134 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2015-8135 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7265. Reason: This candidate... | R | |
| CVE-2015-8138 | NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp va... | | |
| CVE-2015-8139 | ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate ... | | |
| CVE-2015-8140 | The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffin... | | |
| CVE-2015-8146 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8146. Reason: This candida... | R | |
| CVE-2015-8147 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8147. Reason: This candida... | R | |
| CVE-2015-8148 | The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote att... | | |
| CVE-2015-8149 | The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote att... | | |
| CVE-2015-8150 | Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root acc... | | |
| CVE-2015-8151 | Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to ... | | |
| CVE-2015-8152 | Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 ... | | |
| CVE-2015-8153 | SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allow... | | |
| CVE-2015-8154 | The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Syman... | | |
| CVE-2015-8155 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8156 | Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x ... | | |
| CVE-2015-8157 | SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System ... | | |
| CVE-2015-8158 | The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remot... | | |
| CVE-2015-8176 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-8176. Reason: This candida... | R | |
| CVE-2015-8177 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8178 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8179 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8180 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8181 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8182 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8183 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8184 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8185 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8186 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8187 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8188 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8189 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8190 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8191 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8192 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8193 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8194 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8195 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8196 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8197 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8198 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8199 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8200 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8201 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8202 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8203 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8204 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8205 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8206 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8207 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8208 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8209 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8210 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8211 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8212 | CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote... | | |
| CVE-2015-8213 | The get_format function in utils/formats.py in Django before 1.7.x before 1.7.11, 1.8.x before 1.8.7... | S | |
| CVE-2015-8214 | A vulnerability has been identified in SIMATIC NET CP 342-5 (incl. SIPLUS variants) (All versions), ... | | |
| CVE-2015-8215 | net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted cha... | | |
| CVE-2015-8216 | The ljpeg_decode_yuv_scan function in libavcodec/mjpegdec.c in FFmpeg before 2.8.2 omits certain wid... | | |
| CVE-2015-8217 | The ff_hevc_parse_sps function in libavcodec/hevc_ps.c in FFmpeg before 2.8.2 does not validate the ... | | |
| CVE-2015-8218 | The decode_uncompressed function in libavcodec/faxcompr.c in FFmpeg before 2.8.2 does not validate u... | | |
| CVE-2015-8219 | The init_tile function in libavcodec/jpeg2000dec.c in FFmpeg before 2.8.2 does not enforce minimum-v... | | |
| CVE-2015-8220 | Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Contr... | S | |
| CVE-2015-8221 | Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitr... | | |
| CVE-2015-8222 | The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-re... | S | |
| CVE-2015-8223 | Huawei P7 before P7-L00C17B851, P7-L05C00B851, and P7-L09C92B85, and P8 ALE-UL00 before ALE-UL00B211... | | |
| CVE-2015-8224 | Huawei P8 before GRA-CL00C92B210, before GRA-L09C432B200, before GRA-TL00C01B210, and before GRA-UL0... | | |
| CVE-2015-8225 | The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with sof... | | |
| CVE-2015-8226 | The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with sof... | | |
| CVE-2015-8227 | The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SP... | | |
| CVE-2015-8228 | Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 220... | S | |
| CVE-2015-8229 | Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before ... | S | |
| CVE-2015-8230 | Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote att... | | |
| CVE-2015-8231 | Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers ... | | |
| CVE-2015-8232 | The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles i... | S | |
| CVE-2015-8233 | Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before... | S | |
| CVE-2015-8234 | The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signa... | S | |
| CVE-2015-8235 | Directory traversal vulnerability in Spiffy before 5.4.... | | |
| CVE-2015-8236 | Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.... | | |
| CVE-2015-8239 | The SHA-2 digest support in the sudoers plugin in sudo after 1.8.7 allows local users with write per... | S | |
| CVE-2015-8240 | The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link ... | | |
| CVE-2015-8241 | The xmlNextChar function in libxml2 2.9.2 does not properly check the state, which allows context-de... | | |
| CVE-2015-8242 | The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.... | | |
| CVE-2015-8247 | Cross-site scripting (XSS) vulnerability in synnefoclient in Synnefo Internet Management Software (I... | E | |
| CVE-2015-8248 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8249 | The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attac... | E S | |
| CVE-2015-8251 | OpenStage 60 and OpenScape Desk Phone IP 55G SIP V3, OpenStage 15, 20E, 20 and 40 and OpenScape Desk... | | |
| CVE-2015-8252 | The Frontel protocol before 3 on RSI Video Technologies Videofied devices sends a cleartext serial n... | E | |
| CVE-2015-8253 | The Frontel protocol before 3 on RSI Video Technologies Videofied devices sets up AES encryption but... | E | |
| CVE-2015-8254 | The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity pro... | E | |
| CVE-2015-8255 | AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admi... | E | |
| CVE-2015-8256 | Multiple cross-site scripting (XSS) vulnerabilities in Axis network cameras.... | E | |
| CVE-2015-8257 | The devtools.sh script in AXIS network cameras allows remote authenticated users to execute arbitrar... | E | |
| CVE-2015-8258 | AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary... | E | |
| CVE-2015-8261 | The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly... | E | |
| CVE-2015-8262 | Buffalo WZR-600DHP2 devices with firmware 2.09, 2.13, and 2.16 use an improper algorithm for selecti... | | |
| CVE-2015-8263 | NETGEAR WNR1000v3 devices with firmware 1.0.2.68 use the same source port number for every DNS query... | | |
| CVE-2015-8264 | Untrusted search path vulnerability in F-Secure Online Scanner allows remote attackers to execute ar... | | |
| CVE-2015-8265 | Huawei Mobile WiFi E5151 routers with software before E5151s-2TCPU-V200R001B146D27SP00C00 and E5186 ... | | |
| CVE-2015-8267 | The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dov... | | |
| CVE-2015-8268 | The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attacker... | | |
| CVE-2015-8269 | The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive informati... | | |
| CVE-2015-8270 | The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a den... | E | |
| CVE-2015-8271 | The AMF3CD_AddProp function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to execute arb... | E | |
| CVE-2015-8272 | RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and pr... | E | |
| CVE-2015-8275 | LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary fi... | | |
| CVE-2015-8276 | LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files ... | | |
| CVE-2015-8277 | Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.... | | |
| CVE-2015-8279 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files vi... | | |
| CVE-2015-8280 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to discover credentials by... | | |
| CVE-2015-8281 | Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows attackers to bypass filesystem encryption v... | | |
| CVE-2015-8282 | SeaWell Networks Spectrum SDC 02.05.00 has a default password of "admin" for the "admin" account.... | E | |
| CVE-2015-8283 | Directory traversal vulnerability in configure_manage.php in SeaWell Networks Spectrum SDC 02.05.00.... | E | |
| CVE-2015-8284 | SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative function... | E | |
| CVE-2015-8285 | The webssx.sys driver in QuickHeal 16.00 allows remote attackers to cause a denial of service.... | E | |
| CVE-2015-8286 | Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers t... | E | |
| CVE-2015-8287 | Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through... | | |
| CVE-2015-8288 | NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with firmware 1.0.0.49 and earlier us... | | |
| CVE-2015-8289 | The password-recovery feature on NETGEAR D3600 devices with firmware 1.0.0.49 and D6000 devices with... | | |
| CVE-2015-8290 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8291 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8292 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8293 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8294 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8295 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8296 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8297 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8298 | Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow rem... | E | |
| CVE-2015-8299 | Buffer overflow in the Group messages monitor (Falcon) in KNX ETS 4.1.5 (Build 3246) allows remote a... | E | |
| CVE-2015-8300 | Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program File... | | |
| CVE-2015-8303 | Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the ... | | |
| CVE-2015-8304 | Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attac... | | |
| CVE-2015-8305 | Huawei Sophia-L10 smartphones with software before P7-L10C900B852 allow attackers to cause a denial ... | | |
| CVE-2015-8306 | Buffer overflow in the HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B230... | | |
| CVE-2015-8307 | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00... | S | |
| CVE-2015-8308 | LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authenticati... | | |
| CVE-2015-8309 | Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to... | E S | |
| CVE-2015-8310 | Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated u... | S | |
| CVE-2015-8312 | Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial ... | | |
| CVE-2015-8313 | GnuTLS incorrectly validates the first byte of padding in CBC modes... | S | |
| CVE-2015-8314 | The Devise gem before 3.5.4 for Ruby mishandles Remember Me cookies for sessions, which may allow an... | S | |
| CVE-2015-8315 | The ms package before 0.7.1 for Node.js allows attackers to cause a denial of service (CPU consumpti... | E M | |
| CVE-2015-8316 | Array index error in LightDM (aka Light Display Manager) 1.14.3, 1.16.x before 1.16.6 when the XDMCP... | | |
| CVE-2015-8317 | The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers ... | E | |
| CVE-2015-8318 | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before... | | |
| CVE-2015-8319 | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before... | | |
| CVE-2015-8320 | Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which ... | | |
| CVE-2015-8322 | NetApp OnCommand System Manager 8.3.x before 8.3.2 allows remote authenticated users to execute arbi... | S | |
| CVE-2015-8324 | The ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization... | S | |
| CVE-2015-8325 | The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature i... | | |
| CVE-2015-8326 | The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned b... | S | |
| CVE-2015-8327 | Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and... | | |
| CVE-2015-8328 | Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 3... | | |
| CVE-2015-8329 | SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64... | | |
| CVE-2015-8330 | The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (... | | |
| CVE-2015-8331 | The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 doe... | | |
| CVE-2015-8332 | Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate onlin... | | |
| CVE-2015-8333 | The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 all... | | |
| CVE-2015-8334 | SQL injection vulnerability in the Operation and Maintenance Unit (OMU) in Huawei VCN500 before V100... | S | |
| CVE-2015-8335 | Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remot... | | |
| CVE-2015-8336 | Huawei FusionCompute with software before V100R005C10SPC700 allows remote authenticated users to obt... | | |
| CVE-2015-8337 | The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 befo... | | |
| CVE-2015-8338 | Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_incre... | | |
| CVE-2015-8339 | The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand ba... | S | |
| CVE-2015-8340 | The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release... | S | |
| CVE-2015-8341 | The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files u... | | |
| CVE-2015-8342 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2015-8345 | The eepro100 emulator in QEMU qemu-kvm blank allows local guest users to cause a denial of service (... | S | |
| CVE-2015-8346 | app/views/timelog/_form.html.erb in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2... | S | |
| CVE-2015-8349 | Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers ... | | |
| CVE-2015-8350 | Multiple cross-site scripting (XSS) vulnerabilities in the Calls to Action plugin before 2.5.1 for W... | E | |
| CVE-2015-8351 | PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, w... | E | |
| CVE-2015-8352 | Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute a... | E S | |
| CVE-2015-8353 | Cross-site scripting (XSS) vulnerability in the Role Scoper plugin before 1.3.67 for WordPress allow... | E | |
| CVE-2015-8354 | Cross-site scripting (XSS) vulnerability in the Ultimate Member WordPress plugin before 1.3.29 for W... | E | |
| CVE-2015-8355 | Multiple SQL injection vulnerabilities in the orion.extfeedbackform module before 2.1.3 for Bitrix a... | E | |
| CVE-2015-8356 | Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow re... | E | |
| CVE-2015-8357 | Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote a... | E | |
| CVE-2015-8358 | Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows rem... | E | |
| CVE-2015-8360 | An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 allows remote atta... | S | |
| CVE-2015-8361 | Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not requi... | S | |
| CVE-2015-8362 | The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcod... | E | |
| CVE-2015-8363 | The jpeg2000_read_main_headers function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x be... | | |
| CVE-2015-8364 | Integer overflow in the ff_ivi_init_planes function in libavcodec/ivi.c in FFmpeg before 2.6.5, 2.7.... | | |
| CVE-2015-8365 | The smka_decode_frame function in libavcodec/smacker.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, a... | | |
| CVE-2015-8366 | Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent a... | | |
| CVE-2015-8367 | The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and p... | | |
| CVE-2015-8368 | ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain ... | E | |
| CVE-2015-8369 | SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remot... | E | |
| CVE-2015-8370 | Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypas... | E S | |
| CVE-2015-8371 | Composer before 2016-02-10 allows cache poisoning from other projects built on the same host. This r... | E | |
| CVE-2015-8373 | The kea-dhcp4 and kea-dhcp6 servers 0.9.2 and 1.0.0-beta in ISC Kea, when certain debugging settings... | | |
| CVE-2015-8374 | fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows... | | |
| CVE-2015-8375 | Cross-site scripting (XSS) vulnerability in PHP-Fusion 9.... | E S | |
| CVE-2015-8376 | Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.6.3 allow remote attackers to ... | E | |
| CVE-2015-8377 | SQL injection vulnerability in the host_new_graphs_save function in graphs_new.php in Cacti 0.8.8f a... | E | |
| CVE-2015-8378 | In KeePassX before 0.4.4, a cleartext copy of password data is created upon a cancel of an XML expor... | | |
| CVE-2015-8379 | CakePHP 2.x and 3.x before 3.1.5 might allow remote attackers to bypass the CSRF protection mechanis... | E S | |
| CVE-2015-8380 | The pcre_exec function in pcre_exec.c in PCRE before 8.38 mishandles a // pattern with a \01 string,... | E | |
| CVE-2015-8381 | The compile_regex function in pcre_compile.c in PCRE before 8.38 and pcre2_compile.c in PCRE2 before... | E | |
| CVE-2015-8382 | The match function in pcre_exec.c in PCRE before 8.37 mishandles the /(?:((abcd))|(((?:(?:(?:(?:abc|... | E | |
| CVE-2015-8383 | PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to ca... | | |
| CVE-2015-8384 | PCRE before 8.38 mishandles the /(?J)(?'d'(?'d'\g{d}))/ pattern and related patterns with certain re... | | |
| CVE-2015-8385 | PCRE before 8.38 mishandles the /(?|(\k'Pm')|(?'Pm'))/ pattern and related patterns with certain for... | | |
| CVE-2015-8386 | PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatte... | | |
| CVE-2015-8387 | PCRE before 8.38 mishandles (?123) subroutine calls and related subroutine calls, which allows remot... | | |
| CVE-2015-8388 | PCRE before 8.38 mishandles the /(?=di(?<=(?1))|(?=(.))))/ pattern and related patterns with an unma... | | |
| CVE-2015-8389 | PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote at... | | |
| CVE-2015-8390 | PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attac... | | |
| CVE-2015-8391 | The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which... | | |
| CVE-2015-8392 | PCRE before 8.38 mishandles certain instances of the (?| substring, which allows remote attackers to... | | |
| CVE-2015-8393 | pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote att... | | |
| CVE-2015-8394 | PCRE before 8.38 mishandles the (?( | | |
| CVE-2015-8395 | PCRE before 8.38 mishandles certain references, which allows remote attackers to cause a denial of s... | | |
| CVE-2015-8396 | Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcm... | E | |
| CVE-2015-8397 | The JPEGLSCodec::DecodeExtent function in MediaStorageAndFileFormat/gdcmJPEGLSCodec.cxx in Grassroot... | E S | |
| CVE-2015-8398 | Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attacke... | E | |
| CVE-2015-8399 | Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via... | E | |
| CVE-2015-8400 | The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier fo... | S | |
| CVE-2015-8401 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8402 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8403 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8404 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8405 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8406 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8407 | Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.... | S | |
| CVE-2015-8408 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8409 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8410 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8411 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8412 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8413 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8414 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8415 | Buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windo... | S | |
| CVE-2015-8416 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8417 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8418 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8419 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8420 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8421 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8422 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8423 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8424 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8425 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8426 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8427 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8428 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8429 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8430 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8431 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8432 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8433 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8434 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8435 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8436 | Use-after-free vulnerability in the PrintJob object implementation in Adobe Flash Player before 18.0... | S | |
| CVE-2015-8437 | Use-after-free vulnerability in the Selection object implementation in Adobe Flash Player before 18.... | S | |
| CVE-2015-8438 | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2... | S | |
| CVE-2015-8439 | The SharedObject object implementation in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x bef... | S | |
| CVE-2015-8440 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8441 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8442 | Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.... | S | |
| CVE-2015-8443 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8444 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8445 | Integer overflow in the Shader filter implementation in Adobe Flash Player before 18.0.0.268 and 19.... | S | |
| CVE-2015-8446 | Heap-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.2... | S | |
| CVE-2015-8447 | Use-after-free vulnerability in the Color object implementation in Adobe Flash Player before 18.0.0.... | S | |
| CVE-2015-8448 | Use-after-free vulnerability in the DisplacementMapFilter object implementation in Adobe Flash Playe... | S | |
| CVE-2015-8449 | Use-after-free vulnerability in the MovieClip object implementation in Adobe Flash Player before 18.... | S | |
| CVE-2015-8450 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8451 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8452 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8453 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8454 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8455 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8456 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8457 | Stack-based buffer overflow in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.... | S | |
| CVE-2015-8458 | Heap-based buffer overflow in AGM.dll in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befor... | S | |
| CVE-2015-8459 | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and bef... | S | |
| CVE-2015-8460 | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and bef... | S | |
| CVE-2015-8461 | Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 ... | | |
| CVE-2015-8466 | Swift3 before 1.9 allows remote attackers to conduct replay attacks via an Authorization request tha... | S | |
| CVE-2015-8467 | The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x b... | | |
| CVE-2015-8470 | The console in Puppet Enterprise 3.7.x, 3.8.x, and 2015.2.x does not set the secure flag for the JSE... | | |
| CVE-2015-8472 | Buffer overflow in the png_set_PLTE function in libpng before 1.0.65, 1.1.x and 1.2.x before 1.2.55,... | | |
| CVE-2015-8473 | The Issues API in Redmine before 2.6.8, 3.0.x before 3.0.6, and 3.1.x before 3.1.2 allows remote aut... | S | |
| CVE-2015-8474 | Open redirect vulnerability in the valid_back_url function in app/controllers/application_controller... | S | |
| CVE-2015-8476 | Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitra... | | |
| CVE-2015-8477 | Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject a... | S | |
| CVE-2015-8478 | Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before ... | | |
| CVE-2015-8479 | Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio/au... | | |
| CVE-2015-8480 | The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google Chrom... | | |
| CVE-2015-8481 | Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer at... | | |
| CVE-2015-8482 | Blue Coat Unified Agent before 4.6.2 does not prevent modification of its configuration files when r... | | |
| CVE-2015-8483 | Open redirect vulnerability in Cybozu Office 10.2.0 through 10.3.0 allows remote attackers to redire... | | |
| CVE-2015-8484 | Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended calendar-vie... | | |
| CVE-2015-8485 | Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restr... | | |
| CVE-2015-8486 | Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restr... | | |
| CVE-2015-8487 | Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover CSRF tokens via unspecified vec... | | |
| CVE-2015-8488 | Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message, a dif... | | |
| CVE-2015-8489 | customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial ... | | |
| CVE-2015-8490 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8491 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8492 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8493 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8494 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8495 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8496 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8497 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8498 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8499 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8500 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8501 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8502 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8504 | Qemu, when built with VNC display driver support, allows remote attackers to cause a denial of servi... | S | |
| CVE-2015-8505 | mediaserver in Android before 5.1.1 LMY48Z allows remote attackers to execute arbitrary code or caus... | | |
| CVE-2015-8506 | mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to exec... | | |
| CVE-2015-8507 | mediaserver in Android 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or ca... | | |
| CVE-2015-8508 | Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x be... | E | |
| CVE-2015-8509 | Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x an... | E | |
| CVE-2015-8510 | Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescre... | | |
| CVE-2015-8511 | Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximat... | | |
| CVE-2015-8512 | The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentica... | | |
| CVE-2015-8513 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8514 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8515 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8516 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8517 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8519 | Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 a... | | |
| CVE-2015-8520 | Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 a... | | |
| CVE-2015-8521 | Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 a... | | |
| CVE-2015-8522 | Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 a... | | |
| CVE-2015-8523 | The server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attack... | | |
| CVE-2015-8524 | Cross-site scripting (XSS) vulnerability in Process Portal in IBM Business Process Manager 8.5.0.x t... | | |
| CVE-2015-8525 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8526 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8527 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8528 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8530 | Stack-based buffer overflow in the Initialize function in an ActiveX control in IBM SPSS Statistics ... | | |
| CVE-2015-8531 | Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 I... | | |
| CVE-2015-8532 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8533 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8534 | MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privileg... | | |
| CVE-2015-8535 | MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A directory trav... | | |
| CVE-2015-8536 | MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability ... | | |
| CVE-2015-8537 | app/views/journals/index.builder in Redmine before 2.6.9, 3.0.x before 3.0.7, and 3.1.x before 3.1.3... | S | |
| CVE-2015-8538 | dwarf_leb.c in libdwarf allows attackers to cause a denial of service (SIGSEGV).... | | |
| CVE-2015-8539 | The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a d... | S | |
| CVE-2015-8540 | Integer underflow in the png_check_keyword function in pngwutil.c in libpng 0.90 through 0.99, 1.0.x... | S | |
| CVE-2015-8542 | An issue was discovered in Open-Xchange Guard before 2.2.0-rev8. The "getprivkeybyid" API call is us... | | |
| CVE-2015-8543 | The networking implementation in the Linux kernel through 4.3.3, as used in Android and other produc... | | |
| CVE-2015-8544 | NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers t... | | |
| CVE-2015-8546 | An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Ga... | | |
| CVE-2015-8547 | The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows ... | | |
| CVE-2015-8548 | Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before ... | | |
| CVE-2015-8549 | XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a den... | S | |
| CVE-2015-8550 | Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a de... | | |
| CVE-2015-8551 | The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as ... | | |
| CVE-2015-8552 | The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as ... | | |
| CVE-2015-8553 | Xen allows guest OS users to obtain sensitive information from uninitialized locations in host OS ke... | S | |
| CVE-2015-8554 | Buffer overflow in hw/pt-msi.c in Xen 4.6.x and earlier, when using the qemu-xen-traditional (aka qe... | | |
| CVE-2015-8555 | Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers when X... | S | |
| CVE-2015-8556 | Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.... | E | |
| CVE-2015-8557 | The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 all... | | |
| CVE-2015-8558 | The ehci_process_itd function in hw/usb/hcd-ehci.c in QEMU allows local guest OS administrators to c... | S | |
| CVE-2015-8559 | The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem priv... | S | |
| CVE-2015-8560 | Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.4.0 and... | | |
| CVE-2015-8561 | The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows remot... | | |
| CVE-2015-8562 | Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection atta... | E | |
| CVE-2015-8563 | Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0 thro... | | |
| CVE-2015-8564 | Directory traversal vulnerability in Joomla! 3.4.x before 3.4.6 allows remote attackers to have unsp... | | |
| CVE-2015-8565 | Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remot... | | |
| CVE-2015-8566 | The Session package 1.x before 1.3.1 for Joomla! Framework allows remote attackers to execute arbitr... | | |
| CVE-2015-8567 | Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory co... | S | |
| CVE-2015-8568 | Memory leak in QEMU, when built with a VMWARE VMXNET3 paravirtual NIC emulator support, allows local... | S | |
| CVE-2015-8569 | The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel throu... | | |
| CVE-2015-8570 | The password reset functionality in Lepide Active Directory Self Service allows remote authenticated... | | |
| CVE-2015-8571 | Integer overflow in Autodesk Design Review (ADR) before 2013 Hotfix 2 allows remote attackers to exe... | | |
| CVE-2015-8572 | Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote attacker... | | |
| CVE-2015-8573 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8574 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8575 | The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify a... | | |
| CVE-2015-8576 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8577 | The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 alloc... | | |
| CVE-2015-8578 | AVG Internet Security 2015 allocates memory with Read, Write, Execute (RWX) permissions at predictab... | E | |
| CVE-2015-8579 | Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permission... | E | |
| CVE-2015-8580 | Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit... | | |
| CVE-2015-8581 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0779. Reason: This candidate... | R | |
| CVE-2015-8582 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8583 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8584 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8585 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8586 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8587 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8588 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8589 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8590 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8591 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-8592 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not val... | | |
| CVE-2015-8593 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu... | | |
| CVE-2015-8594 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v... | | |
| CVE-2015-8595 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v... | | |
| CVE-2015-8596 | In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer... | | |
| CVE-2015-8597 | Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gate... | E | |
| CVE-2015-8600 | The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication ... | | |
| CVE-2015-8601 | The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when sett... | S | |
| CVE-2015-8602 | The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check permissions... | S | |
| CVE-2015-8603 | Cross-site scripting (XSS) vulnerability in Serendipity before 2.0.3 allows remote attackers to inje... | E | |
| CVE-2015-8604 | SQL injection vulnerability in the host_new_graphs function in graphs_new.php in Cacti 0.8.8f and ea... | E | |
| CVE-2015-8605 | ISC DHCP 4.x before 4.1-ESV-R12-P1, 4.2.x, and 4.3.x before 4.3.3-P1 allows remote attackers to caus... | | |
| CVE-2015-8606 | Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework before 3.1.16 an... | | |
| CVE-2015-8607 | The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not ... | | |
| CVE-2015-8608 | The VDir::MapPathA and VDir::MapPathW functions in Perl 5.22 allow remote attackers to cause a denia... | E S | |
| CVE-2015-8611 | BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, and PEM 12.0.0 before HF1 on the 20... | | |
| CVE-2015-8612 | The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.... | E | |
| CVE-2015-8613 | Stack-based buffer overflow in the megasas_ctrl_get_info function in QEMU, when built with SCSI Mega... | S | |
| CVE-2015-8614 | Multiple stack-based buffer overflows in the (1) conv_jistoeuc, (2) conv_euctojis, and (3) conv_sjis... | S | |
| CVE-2015-8615 | The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of prin... | | |
| CVE-2015-8616 | Use-after-free vulnerability in the Collator::sortWithSortKeys function in ext/intl/collator/collato... | E | |
| CVE-2015-8617 | Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.... | E | |
| CVE-2015-8618 | The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry propag... | S | |
| CVE-2015-8619 | The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (ou... | S | |
| CVE-2015-8620 | Heap-based buffer overflow in the Avast virtualization driver (aswSnx.sys) in Avast Internet Securit... | E | |
| CVE-2015-8621 | t-coffee before 11.00.8cbe486-2 allows local users to write to ~/.t_coffee globally.... | | |
| CVE-2015-8622 | Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x b... | S | |
| CVE-2015-8623 | The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before... | S | |
| CVE-2015-8624 | The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before 1.... | S | |
| CVE-2015-8625 | MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do no... | S | |
| CVE-2015-8626 | The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1... | S | |
| CVE-2015-8627 | MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do no... | S | |
| CVE-2015-8628 | The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContributions, (4) Special:MyUploads, and ... | S | |
| CVE-2015-8629 | The xdr_nullstring function in lib/kadm5/kadm_rpc_xdr.c in kadmind in MIT Kerberos 5 (aka krb5) befo... | S | |
| CVE-2015-8630 | The (1) kadm5_create_principal_3 and (2) kadm5_modify_principal functions in lib/kadm5/srv/svr_princ... | S | |
| CVE-2015-8631 | Multiple memory leaks in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) before... | S | |
| CVE-2015-8634 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8635 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | E S | |
| CVE-2015-8636 | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and bef... | E S | |
| CVE-2015-8637 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8638 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8639 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8640 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8641 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8642 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8643 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8644 | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and bef... | E S | |
| CVE-2015-8645 | Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and bef... | S | |
| CVE-2015-8646 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8647 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8648 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8649 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8650 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8651 | Integer overflow in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Wind... | KEV S | |
| CVE-2015-8652 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8653 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8654 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8655 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8656 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8657 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8658 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | S | |
| CVE-2015-8659 | The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unk... | S | |
| CVE-2015-8660 | The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge... | E | |
| CVE-2015-8661 | The h264_slice_header_init function in libavcodec/h264_slice.c in FFmpeg before 2.8.3 does not valid... | | |
| CVE-2015-8662 | The ff_dwt_decode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the ... | | |
| CVE-2015-8663 | The ff_get_buffer function in libavcodec/utils.c in FFmpeg before 2.8.4 preserves width and height v... | | |
| CVE-2015-8664 | Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Go... | | |
| CVE-2015-8665 | tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (out-of-bounds ... | | |
| CVE-2015-8666 | Heap-based buffer overflow in QEMU, when built with the Q35-chipset-based PC system emulator.... | S | |
| CVE-2015-8667 | Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 ... | | |
| CVE-2015-8668 | Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtif... | E | |
| CVE-2015-8669 | libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4... | | |
| CVE-2015-8670 | Huawei LogCenter V100R001C10 could allow an authenticated attacker to add abnormal device informatio... | | |
| CVE-2015-8671 | Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a t... | | |
| CVE-2015-8672 | The presentation transmission permission management mechanism in Huawei TE30, TE40, TE50, and TE60 m... | | |
| CVE-2015-8673 | Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before V100R... | | |
| CVE-2015-8674 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8675 | Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password whe... | | |
| CVE-2015-8676 | Memory leak in Huawei S5300EI, S5300SI, S5310HI, S6300EI/ S2350EI, and S5300LI Campus series switche... | | |
| CVE-2015-8677 | Memory leak in Huawei S5300EI, S5300SI, S5310HI, and S6300EI Campus series switches with software V2... | | |
| CVE-2015-8678 | The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 befo... | | |
| CVE-2015-8679 | The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230,... | | |
| CVE-2015-8680 | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00... | | |
| CVE-2015-8681 | The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 be... | | |
| CVE-2015-8682 | The Video0 driver in Huawei P8 smartphones with software GRA-UL00 before GRA-UL00C00B350, GRA-UL10 b... | | |
| CVE-2015-8683 | The putcontig8bitCIELab function in tif_getimage.c in LibTIFF 4.0.6 allows remote attackers to cause... | | |
| CVE-2015-8684 | Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which ... | | |
| CVE-2015-8685 | Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remo... | E | |
| CVE-2015-8687 | Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Moti... | | |
| CVE-2015-8688 | Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafte... | | |
| CVE-2015-8697 | stalin 0.11-5 allows local users to write to arbitrary files.... | | |
| CVE-2015-8698 | CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-... | | |
| CVE-2015-8699 | Multiple cross-site scripting (XSS) vulnerabilities in CA Release Automation (formerly LISA Release ... | | |
| CVE-2015-8701 | QEMU (aka Quick Emulator) built with the Rocker switch emulation support is vulnerable to an off-by-... | S | |
| CVE-2015-8702 | The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause ... | E | |
| CVE-2015-8703 | ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE and ZXV10 W300 devices W300V1.0.0f_ER1_P... | | |
| CVE-2015-8704 | apl_42.c in ISC BIND 9.x before 9.9.8-P3, 9.9.x, and 9.10.x before 9.10.3-P3 allows remote authentic... | | |
| CVE-2015-8705 | buffer.c in named in ISC BIND 9.10.x before 9.10.3-P3, when debug logging is enabled, allows remote ... | | |
| CVE-2015-8707 | Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a ... | | |
| CVE-2015-8708 | Stack-based buffer overflow in the conv_euctojis function in codeconv.c in Claws Mail 3.13.1 allows ... | | |
| CVE-2015-8709 | kernel/ptrace.c in the Linux kernel through 4.4.1 mishandles uid and gid mappings, which allows loca... | | |
| CVE-2015-8710 | The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive inform... | S | |
| CVE-2015-8711 | epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x befo... | | |
| CVE-2015-8712 | The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissecto... | | |
| CVE-2015-8713 | epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not... | | |
| CVE-2015-8714 | The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark... | | |
| CVE-2015-8715 | epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not... | | |
| CVE-2015-8716 | The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1... | | |
| CVE-2015-8717 | The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x be... | | |
| CVE-2015-8718 | Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x b... | | |
| CVE-2015-8719 | The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.... | | |
| CVE-2015-8720 | The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wir... | | |
| CVE-2015-8721 | Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12... | | |
| CVE-2015-8722 | epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x befo... | | |
| CVE-2015-8723 | The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.1... | | |
| CVE-2015-8724 | The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wire... | | |
| CVE-2015-8725 | The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DI... | | |
| CVE-2015-8726 | wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 d... | | |
| CVE-2015-8727 | The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark... | | |
| CVE-2015-8728 | The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) ep... | | |
| CVE-2015-8729 | The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x befor... | | |
| CVE-2015-8730 | epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x befo... | | |
| CVE-2015-8731 | The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wiresha... | | |
| CVE-2015-8732 | The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in th... | | |
| CVE-2015-8733 | The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark... | | |
| CVE-2015-8734 | The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x bef... | | |
| CVE-2015-8735 | The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dis... | | |
| CVE-2015-8736 | The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before ... | | |
| CVE-2015-8737 | The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 doe... | | |
| CVE-2015-8738 | The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7CO... | | |
| CVE-2015-8739 | The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.... | | |
| CVE-2015-8740 | The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in ... | | |
| CVE-2015-8741 | The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x bef... | | |
| CVE-2015-8742 | The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wir... | | |
| CVE-2015-8743 | QEMU (aka Quick Emulator) built with the NE2000 device emulation support is vulnerable to an OOB r/w... | S | |
| CVE-2015-8744 | QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable... | | |
| CVE-2015-8745 | QEMU (aka Quick Emulator) built with a VMWARE VMXNET3 paravirtual NIC emulator support is vulnerable... | | |
| CVE-2015-8746 | fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize me... | | |
| CVE-2015-8747 | The multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write ... | S | |
| CVE-2015-8748 | Radicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitatio... | S | |
| CVE-2015-8749 | The volume_utils._parse_volume_info function in OpenStack Compute (Nova) before 2015.1.3 (kilo) and ... | S | |
| CVE-2015-8750 | libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer der... | S | |
| CVE-2015-8751 | Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to h... | E | |
| CVE-2015-8752 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8753 | SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile... | | |
| CVE-2015-8754 | The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended acce... | S | |
| CVE-2015-8755 | Multiple cross-site scripting (XSS) vulnerabilities in unspecified backend components in TYPO3 6.2.x... | | |
| CVE-2015-8756 | Cross-site scripting (XSS) vulnerability in the search result view in the Indexed Search (indexed_se... | | |
| CVE-2015-8757 | Cross-site scripting (XSS) vulnerability in the Extension Manager in TYPO3 6.2.x before 6.2.16 and 7... | | |
| CVE-2015-8758 | Multiple cross-site scripting (XSS) vulnerabilities in unspecified frontend components in TYPO3 6.2.... | | |
| CVE-2015-8759 | Cross-site scripting (XSS) vulnerability in the typoLink function in TYPO3 6.2.x before 6.2.16 and 7... | | |
| CVE-2015-8760 | The Flvplayer component in TYPO3 6.2.x before 6.2.16 allows remote attackers to embed Flash videos f... | | |
| CVE-2015-8761 | The Values module 7.x-1.x before 7.x-1.2 for Drupal does not properly check permissions, which allow... | S | |
| CVE-2015-8762 | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of serv... | S | |
| CVE-2015-8763 | The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impac... | S | |
| CVE-2015-8764 | Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer over... | S | |
| CVE-2015-8765 | Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041,... | | |
| CVE-2015-8766 | Multiple cross-site scripting (XSS) vulnerabilities in content/content.systempreferences.php in Symp... | E S | |
| CVE-2015-8767 | net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship be... | S | |
| CVE-2015-8768 | click/install.py in click does not require files in package filesystem tarballs to start with ./ (do... | S | |
| CVE-2015-8769 | SQL injection vulnerability in Joomla! 3.x before 3.4.7 allows attackers to execute arbitrary SQL co... | | |
| CVE-2015-8770 | Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php... | E S | |
| CVE-2015-8771 | The generate_smb_nt_hash function in include/functions.inc in GOsa allows remote attackers to execut... | S | |
| CVE-2015-8772 | McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protection allows local users to obtai... | | |
| CVE-2015-8773 | Stack-based buffer overflow in McPvDrv.sys 4.6.111.0 in McAfee File Lock 5.x in McAfee Total Protect... | | |
| CVE-2015-8776 | The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent... | | |
| CVE-2015-8777 | The process_envvars function in elf/rtld.c in the GNU C Library (aka glibc or libc6) before 2.23 all... | E | |
| CVE-2015-8778 | Integer overflow in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent atta... | | |
| CVE-2015-8779 | Stack-based buffer overflow in the catopen function in the GNU C Library (aka glibc or libc6) before... | | |
| CVE-2015-8780 | Samsung wssyncmlnps before 2015-10-31 allows directory traversal in a Kies restore, aka ZipFury.... | E | |
| CVE-2015-8781 | tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an inva... | S | |
| CVE-2015-8782 | tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a craf... | S | |
| CVE-2015-8783 | tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a craft... | S | |
| CVE-2015-8784 | The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of servic... | S | |
| CVE-2015-8785 | The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local use... | S | |
| CVE-2015-8786 | The Management plugin in RabbitMQ before 3.6.1 allows remote authenticated users with certain privil... | S | |
| CVE-2015-8787 | The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 ... | S | |
| CVE-2015-8789 | Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context... | | |
| CVE-2015-8790 | The EbmlUnicodeString::UpdateFromUTF8 function in libEBML before 1.3.3 allows context-dependent atta... | | |
| CVE-2015-8791 | The EbmlElement::ReadCodedSizeValue function in libEBML before 1.3.3 allows context-dependent attack... | | |
| CVE-2015-8792 | The KaxInternalBlock::ReadData function in libMatroska before 1.4.4 allows context-dependent attacke... | S | |
| CVE-2015-8793 | Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube before 1.0.6 and... | E S | |
| CVE-2015-8794 | Absolute path traversal vulnerability in program/steps/addressbook/photo.inc in Roundcube before 1.0... | S | |
| CVE-2015-8795 | Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow ... | | |
| CVE-2015-8796 | Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/schema-browser.js in the Admin UI ... | | |
| CVE-2015-8797 | Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in th... | | |
| CVE-2015-8798 | Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical S... | | |
| CVE-2015-8799 | Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical S... | | |
| CVE-2015-8800 | Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Secu... | | |
| CVE-2015-8801 | Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local ... | | |
| CVE-2015-8802 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8803 | The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagati... | S | |
| CVE-2015-8804 | x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces... | S | |
| CVE-2015-8805 | The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagati... | S | |
| CVE-2015-8806 | dict.c in libxml2 allows remote attackers to cause a denial of service (heap-based buffer over-read ... | | |
| CVE-2015-8807 | Cross-site scripting (XSS) vulnerability in the _renderVarInput_number function in horde/framework/C... | E | |
| CVE-2015-8808 | The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a... | | |
| CVE-2015-8812 | drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify erro... | S | |
| CVE-2015-8813 | The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Um... | E S | |
| CVE-2015-8814 | Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cr... | S | |
| CVE-2015-8815 | Multiple cross-site scripting (XSS) vulnerabilities in Umbraco before 7.4.0 allow remote attackers t... | E | |
| CVE-2015-8816 | The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not proper... | S | |
| CVE-2015-8817 | QEMU (aka Quick Emulator) built to use 'address_space_translate' to map an address to a MemoryRegion... | S | |
| CVE-2015-8818 | The cpu_physical_memory_write_rom_internal function in exec.c in QEMU (aka Quick Emulator) does not ... | | |
| CVE-2015-8819 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-8820 | Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and bef... | E S | |
| CVE-2015-8821 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8822 | Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0... | S | |
| CVE-2015-8823 | Use-after-free vulnerability in the TextField object implementation in Adobe Flash Player before 18.... | S | |
| CVE-2015-8824 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8825 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8826 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8827 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8828 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8829 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8830 | Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows ... | | |
| CVE-2015-8831 | Cross-site scripting (XSS) vulnerability in admin/comments.php in Dotclear before 2.8.2 allows remot... | E S | |
| CVE-2015-8832 | Multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php in Dotclear before 2.8.2... | E S | |
| CVE-2015-8833 | Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record... | | |
| CVE-2015-8834 | Cross-site scripting (XSS) vulnerability in wp-includes/wp-db.php in WordPress before 4.2.2 allows r... | S | |
| CVE-2015-8835 | The make_http_soap_request function in ext/soap/php_http.c in PHP before 5.4.44, 5.5.x before 5.5.28... | | |
| CVE-2015-8836 | Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remot... | E S | |
| CVE-2015-8837 | Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows... | E S | |
| CVE-2015-8838 | ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a clie... | | |
| CVE-2015-8839 | Multiple race conditions in the ext4 filesystem implementation in the Linux kernel before 4.5 allow ... | | |
| CVE-2015-8840 | The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, whic... | | |
| CVE-2015-8841 | Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows re... | E | |
| CVE-2015-8842 | tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.j... | | |
| CVE-2015-8843 | The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7.x b... | S | |
| CVE-2015-8844 | The signal implementation in the Linux kernel before 4.3.5 on powerpc platforms does not check for a... | | |
| CVE-2015-8845 | The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on ... | S | |
| CVE-2015-8851 | node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier ... | S | |
| CVE-2015-8852 | Varnish 3.x before 3.0.7, when used in certain stacked installations, allows remote attackers to inj... | | |
| CVE-2015-8853 | The (1) S_reghop3, (2) S_reghop4, and (3) S_reghopmaybe3 functions in regexec.c in Perl before 5.24.... | | |
| CVE-2015-8854 | The marked package before 0.3.4 for Node.js allows attackers to cause a denial of service (CPU consu... | S | |
| CVE-2015-8855 | The semver package before 4.3.2 for Node.js allows attackers to cause a denial of service (CPU consu... | S | |
| CVE-2015-8856 | Cross-site scripting (XSS) vulnerability in the serve-index package before 1.6.3 for Node.js allows ... | S | |
| CVE-2015-8857 | The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values whe... | E S | |
| CVE-2015-8858 | The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service (CPU co... | E | |
| CVE-2015-8859 | The send package before 0.11.1 for Node.js allows attackers to obtain the root path via unspecified ... | S | |
| CVE-2015-8860 | The tar package before 2.0.0 for Node.js allows remote attackers to write to arbitrary files via a s... | M | |
| CVE-2015-8861 | The handlebars package before 4.0.0 for Node.js allows remote attackers to conduct cross-site script... | S | |
| CVE-2015-8862 | mustache package before 2.2.1 for Node.js allows remote attackers to conduct cross-site scripting (X... | E S | |
| CVE-2015-8863 | Off-by-one error in the tokenadd function in jv_parse.c in jq allows remote attackers to cause a den... | S | |
| CVE-2015-8864 | Cross-site scripting (XSS) vulnerability in Roundcube Webmail before 1.0.9 and 1.1.x before 1.1.5 al... | S | |
| CVE-2015-8865 | The file_check_mem function in funcs.c in file before 5.23, as used in the Fileinfo component in PHP... | E | |
| CVE-2015-8866 | ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isol... | E S | |
| CVE-2015-8867 | The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before... | | |
| CVE-2015-8868 | Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler befor... | | |
| CVE-2015-8869 | OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to condu... | | |
| CVE-2015-8870 | Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a deni... | S | |
| CVE-2015-8871 | Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 all... | S | |
| CVE-2015-8872 | The set_fat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 file... | S | |
| CVE-2015-8873 | Stack consumption vulnerability in Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28,... | E | |
| CVE-2015-8874 | Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial... | E | |
| CVE-2015-8875 | Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, ... | | |
| CVE-2015-8876 | Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not v... | E | |
| CVE-2015-8877 | The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before... | E S | |
| CVE-2015-8878 | main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before 5.6.12 does not ensure thread s... | | |
| CVE-2015-8879 | The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior fo... | E | |
| CVE-2015-8880 | Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to h... | | |
| CVE-2015-8888 | Integer overflow in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nex... | | |
| CVE-2015-8889 | The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices... | | |
| CVE-2015-8890 | platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Ne... | | |
| CVE-2015-8891 | Multiple integer overflows in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07... | | |
| CVE-2015-8892 | platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus... | | |
| CVE-2015-8893 | app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 (2013) de... | | |
| CVE-2015-8894 | Double free vulnerability in coders/tga.c in ImageMagick 7.0.0 and later allows remote attackers to ... | S | |
| CVE-2015-8895 | Integer overflow in coders/icon.c in ImageMagick 6.9.1-3 and later allows remote attackers to cause ... | S | |
| CVE-2015-8896 | Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to c... | S | |
| CVE-2015-8897 | The SpliceImage function in MagickCore/transform.c in ImageMagick before 6.9.2-4 allows remote attac... | S | |
| CVE-2015-8898 | The WriteImages function in magick/constitute.c in ImageMagick before 6.9.2-4 allows remote attacker... | S | |
| CVE-2015-8899 | Dnsmasq before 2.76 allows remote servers to cause a denial of service (crash) via a reply with an e... | | |
| CVE-2015-8900 | The ReadHDRImage function in coders/hdr.c in ImageMagick 6.x and 7.x allows remote attackers to caus... | E S | |
| CVE-2015-8901 | ImageMagick 6.x before 6.9.0-5 Beta allows remote attackers to cause a denial of service (infinite l... | E | |
| CVE-2015-8902 | The ReadBlobByte function in coders/pdb.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote attac... | E | |
| CVE-2015-8903 | The ReadVICARImage function in coders/vicar.c in ImageMagick 6.x before 6.9.0-5 Beta allows remote a... | E S | |
| CVE-2015-8904 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8905 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8906 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8907 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8908 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8909 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8910 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8911 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8912 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8913 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-8914 | The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attack... | E | |
| CVE-2015-8915 | bsdcpio in libarchive before 3.2.0 allows remote attackers to cause a denial of service (invalid rea... | E | |
| CVE-2015-8916 | bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header i... | | |
| CVE-2015-8917 | bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer... | | |
| CVE-2015-8918 | The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote atta... | S | |
| CVE-2015-8919 | The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before... | S | |
| CVE-2015-8920 | The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows r... | | |
| CVE-2015-8921 | The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to... | | |
| CVE-2015-8922 | The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows... | | |
| CVE-2015-8923 | The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an ... | | |
| CVE-2015-8924 | The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive ... | | |
| CVE-2015-8925 | The readline function in archive_read_support_format_mtree.c in libarchive before 3.2.0 allows remot... | E | |
| CVE-2015-8926 | The archive_read_format_rar_read_data function in archive_read_support_format_rar.c in libarchive be... | E | |
| CVE-2015-8927 | The trad_enc_decrypt_update function in archive_read_support_format_zip.c in libarchive before 3.2.0... | E | |
| CVE-2015-8928 | The process_add_entry function in archive_read_support_format_mtree.c in libarchive before 3.2.0 all... | E | |
| CVE-2015-8929 | Memory leak in the __archive_read_get_extract function in archive_read_extract2.c in libarchive befo... | E | |
| CVE-2015-8930 | bsdtar in libarchive before 3.2.0 allows remote attackers to cause a denial of service (infinite loo... | S | |
| CVE-2015-8931 | Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_rea... | E | |
| CVE-2015-8932 | The compress_bidder_init function in archive_read_support_filter_compress.c in libarchive before 3.2... | E S | |
| CVE-2015-8933 | Integer overflow in the archive_read_format_tar_skip function in archive_read_support_format_tar.c i... | E S | |
| CVE-2015-8934 | The copy_from_lzss_window function in archive_read_support_format_rar.c in libarchive 3.2.0 and earl... | E S | |
| CVE-2015-8935 | The sapi_header_op function in main/SAPI.c in PHP before 5.4.38, 5.5.x before 5.5.22, and 5.6.x befo... | S | |
| CVE-2015-8936 | Cross-site scripting (XSS) vulnerability in squidGuard.cgi in squidGuard before 1.5 allows remote at... | | |
| CVE-2015-8937 | drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5... | S | |
| CVE-2015-8938 | The MSM camera driver in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices doe... | S | |
| CVE-2015-8939 | drivers/video/msm/mdp4_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (20... | S | |
| CVE-2015-8940 | Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm components in Android before 2016-... | S | |
| CVE-2015-8941 | drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android be... | S | |
| CVE-2015-8942 | drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android befor... | S | |
| CVE-2015-8943 | drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Ne... | S | |
| CVE-2015-8944 | The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Andro... | S | |
| CVE-2015-8945 | openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars... | S | |
| CVE-2015-8946 | ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from acti... | | |
| CVE-2015-8947 | hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of ser... | | |
| CVE-2015-8948 | idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by... | S | |
| CVE-2015-8949 | Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers... | S | |
| CVE-2015-8950 | arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Androi... | S | |
| CVE-2015-8951 | Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm so... | S | |
| CVE-2015-8952 | The mbcache feature in the ext2 and ext4 filesystem implementations in the Linux kernel before 4.6 m... | S | |
| CVE-2015-8953 | fs/overlayfs/copy_up.c in the Linux kernel before 4.2.6 uses an incorrect cleanup code path, which a... | E S | |
| CVE-2015-8954 | The MemcmpLowercase function in Suricata before 2.0.6 improperly excludes the first byte from compar... | | |
| CVE-2015-8955 | arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users ... | S | |
| CVE-2015-8956 | The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows l... | S | |
| CVE-2015-8957 | Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of serv... | E S | |
| CVE-2015-8958 | coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service... | E S | |
| CVE-2015-8959 | coders/dds.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service... | E S | |
| CVE-2015-8960 | The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_... | E M | |
| CVE-2015-8961 | The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows loca... | S | |
| CVE-2015-8962 | Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel b... | S | |
| CVE-2015-8963 | Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain pri... | S | |
| CVE-2015-8964 | The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows ... | S | |
| CVE-2015-8965 | Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbi... | S | |
| CVE-2015-8966 | arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileg... | S | |
| CVE-2015-8967 | arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page... | S | |
| CVE-2015-8968 | git-fastclone before 1.0.1 permits arbitrary shell command execution from .gitmodules. If an attacke... | E S | |
| CVE-2015-8969 | git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker c... | E | |
| CVE-2015-8970 | crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has... | S | |
| CVE-2015-8971 | Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that mo... | S | |
| CVE-2015-8972 | Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuch... | E S | |
| CVE-2015-8973 | xmlhttp.php in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System... | | |
| CVE-2015-8974 | SQL injection vulnerability in the Group Promotions module in the admin control panel in MyBB (aka M... | | |
| CVE-2015-8975 | Cross-site scripting (XSS) vulnerability in the error handler in MyBB (aka MyBulletinBoard) before 1... | | |
| CVE-2015-8976 | Cross-site scripting (XSS) vulnerability in MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x befor... | | |
| CVE-2015-8977 | MyBB (aka MyBulletinBoard) before 1.6.18 and 1.8.x before 1.8.6 and MyBB Merge System before 1.8.6 a... | | |
| CVE-2015-8978 | In Soap Lite (aka the SOAP::Lite extension for Perl) 1.14 and earlier, an example attack consists of... | | |
| CVE-2015-8979 | Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.... | E S | |
| CVE-2015-8980 | The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attac... | E | |
| CVE-2015-8981 | Heap-based buffer overflow in the PdfParser::ReadXRefSubsection function in base/PdfParser.cpp in Po... | S | |
| CVE-2015-8982 | Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allow... | S | |
| CVE-2015-8983 | Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glib... | S | |
| CVE-2015-8984 | The fnmatch function in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-depen... | S | |
| CVE-2015-8985 | The pop_fail_stack function in the GNU C Library (aka glibc or libc6) allows context-dependent attac... | S | |
| CVE-2015-8986 | Sandbox detection evasion vulnerability in hardware appliances in McAfee (now Intel Security) Advanc... | M | |
| CVE-2015-8987 | Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Ag... | S | |
| CVE-2015-8988 | Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now In... | S | |
| CVE-2015-8989 | Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security M... | | |
| CVE-2015-8990 | Detection bypass vulnerability in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier all... | M | |
| CVE-2015-8991 | Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.26... | | |
| CVE-2015-8992 | Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 al... | | |
| CVE-2015-8993 | Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows at... | | |
| CVE-2015-8994 | An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or ph... | E | |
| CVE-2015-8995 | In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CA... | S | |
| CVE-2015-8996 | In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine ... | S | |
| CVE-2015-8997 | In TrustZone a time-of-check time-of-use race condition could potentially exist in a listener routin... | S | |
| CVE-2015-8998 | In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CA... | S | |
| CVE-2015-8999 | In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF ... | S |