|
277551
|
7.5 |
HIGH
Network
|
torproject
|
tor
|
The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and app…
|
NVD-CWE-noinfo
|
CVE-2015-2929
|
2024-11-21 11:28 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277552
|
7.5 |
HIGH
Network
|
torproject
|
tor
|
The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and d…
|
NVD-CWE-noinfo
|
CVE-2015-2928
|
2024-11-21 11:28 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277553
|
9.8 |
CRITICAL
Network
|
papercrop_project
|
papercrop
|
The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.
|
CWE-20
Improper Input Validation
|
CVE-2015-2784
|
2024-11-21 11:28 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277554
|
7.8 |
HIGH
Local
|
redhat
|
automatic_bug_reporting_tool
|
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, whi…
|
NVD-CWE-noinfo
|
CVE-2015-3159
|
2024-11-21 11:28 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277555
|
7.8 |
HIGH
Local
|
redhat
|
automatic_bug_reporting_tool
|
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) N…
|
CWE-22
Path Traversal
|
CVE-2015-3151
|
2024-11-21 11:28 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277556
|
7.1 |
HIGH
Local
|
redhat
|
automatic_bug_reporting_tool
|
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteEleme…
|
CWE-20
Improper Input Validation
|
CVE-2015-3150
|
2024-11-21 11:28 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277557
|
6.5 |
MEDIUM
Network
|
redhat
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
automatic_bug_reporting_tool
enterprise_linux_server_eus
enterprise_linux_server_tus
enterprise_linux_s…
|
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other uns…
|
CWE-59
Link Following
|
CVE-2015-3147
|
2024-11-21 11:28 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277558
|
8.8 |
HIGH
Network
|
synametrics
|
synaman
syncrify
syntail
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Synametrics Technologies SynaMan before 3.5 Build 1451, Syncrify before 3.7 Build 856, and SynTail before 1.5 Build 567
|
CWE-352
Origin Validation Error
|
CVE-2015-3140
|
2024-11-21 11:28 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277559
|
6.1 |
MEDIUM
Network
|
ikiwiki
fedoraproject
|
ikiwiki
fedora
|
Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject arbitrary web script or HTML via the openid_identifier parame…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2793
|
2024-11-21 11:28 |
2019-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277560
|
7.5 |
HIGH
Network
|
postgresql
debian
canonical
|
postgresql
debian_linux
ubuntu_linux
|
contrib/pgcrypto in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 uses different error responses when an incorrect key is used, which …
|
CWE-200
Information Exposure
|
CVE-2015-3167
|
2024-11-21 11:28 |
2019-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
