|
277621
|
- |
|
xzeres
|
442sr_os
|
Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that select a different default a…
|
CWE-352
Origin Validation Error
|
CVE-2015-3950
|
2024-11-21 11:30 |
2015-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277622
|
- |
|
qemu
debian
fedoraproject
suse
citrix
canonical
|
qemu
debian_linux
fedora
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_software_development_kit
xenserver
ubuntu_linux
|
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host c…
|
CWE-863
Incorrect Authorization
|
CVE-2015-4106
|
2024-11-21 11:30 |
2015-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277623
|
- |
|
xen
|
xen
|
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operation…
|
CWE-399
Resource Management Errors
|
CVE-2015-4105
|
2024-11-21 11:30 |
2015-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277624
|
- |
|
xen
|
xen
|
Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x86 HVM guest users to cause a denial of service (unexpected interrupt and host crash) via unspecifi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4104
|
2024-11-21 11:30 |
2015-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277625
|
- |
|
xen
|
xen
|
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handli…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4103
|
2024-11-21 11:30 |
2015-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277626
|
- |
|
wpmembership
|
wpmembership
|
The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator privileges via an iv_membership_update_user_settings action to wp-admin/admin-ajax.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4038
|
2024-11-21 11:30 |
2015-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277627
|
- |
|
paloaltonetworks
|
pan-os
|
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive in…
|
NVD-CWE-Other
|
CVE-2015-4162
|
2024-11-21 11:30 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277628
|
- |
|
sap
|
afaria
|
SAP Afaria does not properly restrict access to unspecified functionality, which allows remote attackers to obtain sensitive information, gain privileges, or have other unspecified impact via unknown…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4161
|
2024-11-21 11:30 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277629
|
- |
|
sap
|
ase_database_platform
|
SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278.
|
CWE-89
SQL Injection
|
CVE-2015-4160
|
2024-11-21 11:30 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277630
|
- |
|
sap
|
hana_web-based_development_workbench
|
SQL injection vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes 2153892.
|
CWE-89
SQL Injection
|
CVE-2015-4159
|
2024-11-21 11:30 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
