Vulnerability & Exploit Database

Displaying entries 1 - 10 of 16 in total

Results for: CVE-2015-1277 Back to search

SUSE: CVE-2015-8867: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: May 11, 2016

The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors.

SUSE: CVE-2015-8866: SUSE Linux Security Advisory Vulnerability

  • Severity: 7
  • Published: May 11, 2016

ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML Entity Expansion (XEE) attacks via a crafted XML document, a related issue to CVE-2015-5...

SUSE: CVE-2015-8767: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: February 07, 2016

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

Huawei EulerOS: CVE-2015-8767: kernel security update Vulnerability

  • Severity: 5
  • Published: February 07, 2016

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

Debian: CVE-2015-8767: linux -- security update Vulnerability

  • Severity: 5
  • Published: February 07, 2016

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

CentOS: (CVE-2015-8767) (Multiple Advisories): kernel Vulnerability

  • Severity: 5
  • Published: February 07, 2016

net/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call.

USN-2677-1: Oxide vulnerabilities Vulnerability

  • Severity: 9
  • Published: July 22, 2015

Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.