Lucene search
K

5 matches found

OSV
OSV
added 2017/03/23 8:59 p.m.2 views

DEBIAN-CVE-2015-0855

The mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path...

9.8CVSS9.1AI score0.03236EPSS
Exploits0References1
OSV
OSV
added 2016/01/29 7:59 p.m.1 views

DEBIAN-CVE-2015-8789

Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested element with infinite size" followed by another element of an upper level in an EBML document...

9.6CVSS9.2AI score0.02126EPSS
Exploits0References1
OSV
OSV
added 2015/11/09 4:59 p.m.1 views

DEBIAN-CVE-2015-7940

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman ECDH key exchanges, aka an "invalid curve attack."...

5CVSS9.1AI score0.0482EPSS
Exploits0References1
OSV
OSV
added 2015/10/31 4:59 a.m.1 views

DEBIAN-CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

2.6CVSS5.6AI score0.02092EPSS
Exploits0References1
OSV
OSV
added 2015/01/16 4:59 p.m.1 views

DEBIAN-CVE-2015-0220

The django.util.http.issafeurl function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 does not properly handle leading whitespaces, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, related to redirect URLs, as demonstrated by a...

4.3CVSS6AI score0.03028EPSS
Exploits1References1
Rows per page
Query Builder