CVE-2015-2776
- EPSS 2.38%
- Veröffentlicht 31.03.2015 14:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.
CVE-2015-2754
- EPSS 3.36%
- Veröffentlicht 31.03.2015 14:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) and possibly execute arbitrary code via a crafted workbook, related to a "premature EOF."
CVE-2015-2753
- EPSS 3.36%
- Veröffentlicht 31.03.2015 14:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
FreeXL before 1.0.0i allows remote attackers to cause a denial of service (stack corruption) or possibly execute arbitrary code via a crafted sector in a workbook.
- EPSS 1.95%
- Veröffentlicht 31.03.2015 14:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Shibboleth Service Provider (SP) before 2.5.4 allows remote authenticated users to cause a denial of service (crash) via a crafted SAML message.
CVE-2015-0838
- EPSS 3.38%
- Veröffentlicht 31.03.2015 14:59:08
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file.
CVE-2014-9706
- EPSS 5.03%
- Veröffentlicht 31.03.2015 14:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.
CVE-2015-2331
- EPSS 27.69%
- Veröffentlicht 30.03.2015 10:59:12
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial ...
CVE-2015-2305
- EPSS 8.37%
- Veröffentlicht 30.03.2015 10:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary co...
CVE-2015-2301
- EPSS 14.67%
- Veröffentlicht 30.03.2015 10:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
Use-after-free vulnerability in the phar_rename_archive function in phar_object.c in PHP before 5.5.22 and 5.6.x before 5.6.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors that trigger an a...
- EPSS 15.43%
- Veröffentlicht 30.03.2015 10:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
The GetCode_ function in gd_gif_in.c in GD 2.1.1 and earlier, as used in PHP before 5.5.21 and 5.6.x before 5.6.5, allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted GIF image that is improperl...