CVE List - 2015 / October
Showing 1 - 100 of 726 CVEs for October 2015 (Page 1 of 8)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-7915 | 2015-10-01 | Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0... |
| CVE-2014-7916 | 2015-10-01 | Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0... |
| CVE-2014-7917 | 2015-10-01 | Integer overflow in SampleTable.cpp in libstagefright in Android before 5.0.0... |
| CVE-2015-1528 | 2015-10-01 | Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android... |
| CVE-2015-1536 | 2015-10-01 | Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android... |
| CVE-2015-1538 | 2015-10-01 | Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright... |
| CVE-2015-1539 | 2015-10-01 | Multiple integer underflows in the ESDS::parseESDescriptor function in ESDS.cpp in... |
| CVE-2015-1541 | 2015-10-01 | The AppWidgetServiceImpl implementation in com/android/server/appwidget/AppWidgetServiceImpl.java in the Settings application in... |
| CVE-2015-3824 | 2015-10-01 | The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before... |
| CVE-2015-3826 | 2015-10-01 | The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before... |
| CVE-2015-3827 | 2015-10-01 | The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before... |
| CVE-2015-3828 | 2015-10-01 | The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before... |
| CVE-2015-3829 | 2015-10-01 | Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright... |
| CVE-2015-3831 | 2015-10-01 | Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp... |
| CVE-2015-3832 | 2015-10-01 | Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before... |
| CVE-2015-3833 | 2015-10-01 | The getRunningAppProcesses function in services/core/java/com/android/server/am/ActivityManagerService.java in Android before 5.1.1 LMY48I... |
| CVE-2015-3834 | 2015-10-01 | Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in... |
| CVE-2015-3835 | 2015-10-01 | Buffer overflow in the OMXNodeInstance::emptyBuffer function in omx/OMXNodeInstance.cpp in libstagefright... |
| CVE-2015-3836 | 2015-10-01 | The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter... |
| CVE-2015-3837 | 2015-10-01 | The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I... |
| CVE-2015-3842 | 2015-10-01 | Multiple heap-based buffer overflows in libeffects in the Audio Policy... |
| CVE-2015-3843 | 2015-10-01 | The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I... |
| CVE-2015-3844 | 2015-10-01 | The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before... |
| CVE-2015-3845 | 2015-10-01 | The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before... |
| CVE-2015-3849 | 2015-10-01 | The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before... |
| CVE-2015-3858 | 2015-10-01 | The checkDestination function in internal/telephony/SMSDispatcher.java in Android before 5.1.1 LMY48M... |
| CVE-2015-3860 | 2015-10-01 | packages/Keyguard/res/layout/keyguard_password_view.xml in Lockscreen in Android 5.x before 5.1.1 LMY48M does... |
| CVE-2015-3861 | 2015-10-01 | Multiple integer overflows in the addVorbisCodecInfo function in matroska/MatroskaExtractor.cpp in... |
| CVE-2015-3863 | 2015-10-01 | Multiple integer overflows in the Blob class in keystore/keystore.cpp in... |
| CVE-2015-3864 | 2015-10-01 | Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright... |
| CVE-2015-6575 | 2015-10-01 | SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not... |
| CVE-2015-1335 | 2015-10-01 | lxc-start in lxc before 1.0.8 and 1.1.x before 1.1.4 allows... |
| CVE-2015-1338 | 2015-10-01 | kernel_crashdump in Apport before 2.19 allows local users to cause... |
| CVE-2015-7236 | 2015-10-01 | Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and... |
| CVE-2015-7311 | 2015-10-01 | libxl in Xen 4.1.x through 4.6.x does not properly handle... |
| CVE-2015-7612 | 2015-10-01 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations page... |
| CVE-2015-2858 | 2015-10-02 | Datalex airline booking software before 2015-09-03 allows remote attackers to... |
| CVE-2015-3876 | 2015-10-02 | libstagefright in Android through 5.1.1 LMY48M allows remote attackers to... |
| CVE-2015-4546 | 2015-10-02 | Directory traversal vulnerability in EMC RSA OneStep 6.9 before build... |
| CVE-2015-6602 | 2015-10-02 | libutils in Android through 5.1.1 LMY48M allows remote attackers to... |
| CVE-2015-5653 | 2015-10-02 | Buffer overflow in Canary Labs Trend Web Server before 9.5.2... |
| CVE-2015-6308 | 2015-10-02 | Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated users... |
| CVE-2015-6309 | 2015-10-02 | Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote... |
| CVE-2015-0987 | 2015-10-03 | Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1,... |
| CVE-2015-0988 | 2015-10-03 | Omron CX-One CX-Programmer before 9.6 uses a reversible format for... |
| CVE-2015-1015 | 2015-10-03 | Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1,... |
| CVE-2015-3938 | 2015-10-03 | The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices... |
| CVE-2015-5640 | 2015-10-03 | baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary... |
| CVE-2015-5641 | 2015-10-03 | SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated... |
| CVE-2015-5642 | 2015-10-03 | Multiple SQL injection vulnerabilities in ICZ MATCHA INVOICE before 2.5.7... |
| CVE-2015-5643 | 2015-10-03 | The installer in ICZ MATCHA INVOICE before 2.5.7 does not... |
| CVE-2015-5644 | 2015-10-03 | The installer in ICZ MATCHA SNS before 1.3.7 does not... |
| CVE-2015-5645 | 2015-10-03 | ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to... |
| CVE-2015-5650 | 2015-10-03 | Directory traversal vulnerability in AjaXplorer 2.0 allows remote attackers to... |
| CVE-2015-6549 | 2015-10-03 | Cross-site scripting (XSS) vulnerability in an application console in the... |
| CVE-2015-7314 | 2015-10-03 | The Precious module in gollum before 4.0.1 allows remote attackers... |
| CVE-2015-7686 | 2015-10-03 | Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908... |
| CVE-2014-8916 | 2015-10-03 | Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2... |
| CVE-2015-0141 | 2015-10-03 | IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1... |
| CVE-2015-0142 | 2015-10-03 | IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1... |
| CVE-2015-0143 | 2015-10-03 | IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1... |
| CVE-2015-0144 | 2015-10-03 | Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2... |
| CVE-2015-0145 | 2015-10-03 | Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform... |
| CVE-2015-0195 | 2015-10-03 | Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x... |
| CVE-2015-1888 | 2015-10-03 | Cross-site scripting (XSS) vulnerability in IBM Content Navigator 2.0.2 before... |
| CVE-2015-4955 | 2015-10-03 | Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM)... |
| CVE-2015-5651 | 2015-10-03 | Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 allows remote... |
| CVE-2015-1933 | 2015-10-04 | IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8... |
| CVE-2015-1934 | 2015-10-04 | IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8... |
| CVE-2015-1969 | 2015-10-04 | Cross-site scripting (XSS) vulnerability in IBM Tivoli Common Reporting (TCR)... |
| CVE-2015-1983 | 2015-10-04 | Cross-site scripting (XSS) vulnerability in the Projects page in IBM... |
| CVE-2015-1988 | 2015-10-04 | Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for... |
| CVE-2015-2011 | 2015-10-04 | The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2... |
| CVE-2015-2016 | 2015-10-04 | Unspecified vulnerability in IBM QRadar SIEM 7.1 MR2 before Patch... |
| CVE-2015-2025 | 2015-10-04 | IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before... |
| CVE-2015-2026 | 2015-10-04 | Cross-site request forgery (CSRF) vulnerability in IBM WebSphere eXtreme Scale... |
| CVE-2015-2027 | 2015-10-04 | IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before... |
| CVE-2015-2028 | 2015-10-04 | CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before... |
| CVE-2015-2029 | 2015-10-04 | Session fixation vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before... |
| CVE-2015-2030 | 2015-10-04 | IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before... |
| CVE-2015-2031 | 2015-10-04 | Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scale 7.1.0... |
| CVE-2015-4930 | 2015-10-04 | IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and... |
| CVE-2014-9750 | 2015-10-04 | ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey... |
| CVE-2014-9751 | 2015-10-04 | The read_network_packet function in ntp_io.c in ntpd in NTP 4.x... |
| CVE-2015-4939 | 2015-10-05 | Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Lifecycle Management... |
| CVE-2015-4944 | 2015-10-05 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1... |
| CVE-2015-4964 | 2015-10-05 | IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before... |
| CVE-2015-4965 | 2015-10-05 | maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0... |
| CVE-2015-4967 | 2015-10-05 | SQL injection vulnerability in IBM Maximo Asset Management 7.1 through... |
| CVE-2015-4971 | 2015-10-05 | Cross-site scripting (XSS) vulnerability in IBM Emptoris Strategic Supply Management... |
| CVE-2015-4973 | 2015-10-05 | Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise Integration Gateway 1.x... |
| CVE-2015-4992 | 2015-10-05 | IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated... |
| CVE-2015-5022 | 2015-10-05 | IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced... |
| CVE-2015-5024 | 2015-10-05 | IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 10.0.2.3,... |
| CVE-2015-5652 | 2015-10-05 | Untrusted search path vulnerability in python.exe in Python through 3.5.0... |
| CVE-2015-5687 | 2015-10-05 | system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote attackers to conduct... |
| CVE-2015-7392 | 2015-10-05 | Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in... |
| CVE-2015-7684 | 2015-10-05 | Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated... |
| CVE-2015-7685 | 2015-10-05 | GLPI before 0.85.3 allows remote authenticated users to create super-admin... |
| CVE-2015-7322 | 2015-10-05 | The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly... |