- EPSS 4.13%
- Veröffentlicht 09.11.2015 03:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field...
CVE-2015-2696
- EPSS 4.54%
- Veröffentlicht 09.11.2015 03:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mis...
- EPSS 6.24%
- Veröffentlicht 09.11.2015 03:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that...
CVE-2015-6855
- EPSS 3.5%
- Veröffentlicht 06.11.2015 21:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of service or possibly have unspecified other impact via certain IDE commands, as demonstrated by a WIN_READ_NATIVE_...
CVE-2015-7697
- EPSS 6.07%
- Veröffentlicht 06.11.2015 18:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.
CVE-2015-7696
- EPSS 7.18%
- Veröffentlicht 06.11.2015 18:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value...
CVE-2015-6031
- EPSS 4.78%
- Veröffentlicht 02.11.2015 19:59:14
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversiz...
CVE-2015-5262
- EPSS 19.31%
- Veröffentlicht 27.10.2015 16:59:07
- Zuletzt bearbeitet 06.05.2026 22:30:45
http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attackers to cause a denial of service (HTTPS call hang)...
CVE-2015-7674
- EPSS 5.8%
- Veröffentlicht 26.10.2015 17:59:11
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which trig...
CVE-2015-5289
- EPSS 5.05%
- Veröffentlicht 26.10.2015 14:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (...