|
277421
|
- |
|
akronymmanager_project
|
akronymmanager
|
SQL injection vulnerability in mod1/index.php in the Akronymmanager (sb_akronymmanager) extension before 7.0.0 for TYPO3 allows remote authenticated users with permission to maintain acronyms to exec…
|
CWE-89
SQL Injection
|
CVE-2015-2803
|
2024-11-21 11:28 |
2015-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277422
|
- |
|
libmimedir_project
|
libmimedir
|
libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."
|
CWE-74
Injection
|
CVE-2015-3205
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277423
|
- |
|
ceph
|
ceph-deploy
|
ceph-deploy before 1.5.23 uses weak permissions (644) for ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
|
CWE-200
Information Exposure
|
CVE-2015-3010
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277424
|
- |
|
alcatel-lucent
|
omniswitch_firmware
|
Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900,…
|
CWE-352
Origin Validation Error
|
CVE-2015-2805
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277425
|
- |
|
alcatel-lucent
|
omniswitch_firmware
|
The management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, and 6855 with firmware before 6.6.4.309.R01 and 6.6.5.x before 6.6.5.80.R02 generates weak session identifier…
|
CWE-200
Information Exposure
|
CVE-2015-2804
|
2024-11-21 11:28 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277426
|
- |
|
qemu
juniper
canonical
debian
redhat
fedoraproject
suse
arista
|
qemu
junos_space
ubuntu_linux
debian_linux
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_desktop
enterprise_linux_eus
en…
|
Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with TXSTATUS_STARTPACKET set and then a crafted packet with TXSTATUS_…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-3209
|
2024-11-21 11:28 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277427
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and modify settings via unspecified vectors, a different vulne…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2958
|
2024-11-21 11:28 |
2015-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277428
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers to bypass intended access restrictions and read files via unspecified vectors, a different vulnerabil…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2953
|
2024-11-21 11:28 |
2015-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277429
|
- |
|
igreks
|
milkystep_professional_oem
milkystep_light
milkystep_professional
|
The user-information management functionality in Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote authenticated users to bypass intended access restrictions and…
|
CWE-284
Improper Access Control
|
CVE-2015-2952
|
2024-11-21 11:28 |
2015-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277430
|
- |
|
cgi_rescue
|
blobee
|
CGI RESCUE BloBee 1.20 and earlier allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-2962
|
2024-11-21 11:28 |
2015-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
