|
277331
|
4.3 |
MEDIUM
Network
|
moodle
|
moodle
|
The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 does not consider the mod/wiki:managefiles capability before authorizing file management, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5265
|
2024-11-21 11:32 |
2016-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277332
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 allows remote authenticated users to bypass intended access restrictions and enter addition…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5264
|
2024-11-21 11:32 |
2016-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277333
|
8.8 |
HIGH
Network
|
ibm
|
emptoris_contract_management
|
Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.…
|
CWE-352
Origin Validation Error
|
CVE-2015-5050
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277334
|
7.5 |
HIGH
Network
|
ibm
|
emptoris_contract_management
|
IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers…
|
CWE-20
Improper Input Validation
|
CVE-2015-5042
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277335
|
7.5 |
HIGH
Network
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_8.0_firmware
security_access_manager_9.0_firmware
|
The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms…
|
CWE-310
Cryptographic Issues
|
CVE-2015-5012
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277336
|
7.5 |
HIGH
Network
|
ibm
|
security_access_manager_for_web_8.0_firmware
security_access_manager_for_web_7.0_firmware
security_access_manager_9.0_firmware
|
IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for r…
|
CWE-254
7PK - Security Features
|
CVE-2015-5010
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277337
|
4.0 |
MEDIUM
Local
|
ibm
|
spss_modeler
|
IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 IF018, and 17.1 through IF008 includes unspecified cleartext data in memory dumps, which allows loc…
|
CWE-200
Information Exposure
|
CVE-2015-4991
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277338
|
5.4 |
MEDIUM
Network
|
ibm
|
qradar_security_information_and_event_manager
|
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to inject arbitrary web script or HTML via a crafted…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4957
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277339
|
7.4 |
HIGH
Network
|
ibm
|
qradar_security_information_and_event_manager
|
The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors.
|
CWE-78
OS Command
|
CVE-2015-4956
|
2024-11-21 11:32 |
2016-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277340
|
9.8 |
CRITICAL
Network
|
apache
|
camel
|
The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allow remote attackers to execute arbitrary commands via a crafted serialized Java object in an HTTP request.
|
CWE-19
Data Processing Errors
|
CVE-2015-5344
|
2024-11-21 11:32 |
2016-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
