CVE-2015-8400
- EPSS 2.04%
- Veröffentlicht 12.01.2016 19:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The HTTPS fallback implementation in Shell In A Box (aka shellinabox) before 2.19 makes it easier for remote attackers to conduct DNS rebinding attacks via the "/plain" URL.
CVE-2015-1779
- EPSS 7.39%
- Veröffentlicht 12.01.2016 19:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section.
CVE-2015-6566
- EPSS 0.44%
- Veröffentlicht 11.01.2016 15:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.
CVE-2015-5254
- EPSS 38.19%
- Veröffentlicht 08.01.2016 19:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker, which allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object.
CVE-2016-1283
- EPSS 7.79%
- Veröffentlicht 03.01.2016 00:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgrou...
CVE-2015-8370
- EPSS 1.1%
- Veröffentlicht 16.12.2015 21:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via backspace characters in the (1) grub_username_get f...
- EPSS 1.78%
- Veröffentlicht 16.12.2015 11:59:21
- Zuletzt bearbeitet 06.05.2026 22:30:45
The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted web site.
CVE-2015-7222
- EPSS 4.27%
- Veröffentlicht 16.12.2015 11:59:20
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect memory all...
- EPSS 4.51%
- Veröffentlicht 16.12.2015 11:59:19
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a deque size change.
- EPSS 4.51%
- Veröffentlicht 16.12.2015 11:59:18
- Zuletzt bearbeitet 06.05.2026 22:30:45
Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.