|
277731
|
- |
|
wireshark
opensuse
oracle
|
wireshark
opensuse
solaris
|
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (…
|
CWE-20
Improper Input Validation
|
CVE-2015-0561
|
2024-11-21 11:23 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277732
|
- |
|
wireshark
opensuse
|
wireshark
opensuse
|
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data str…
|
CWE-19
Data Processing Errors
|
CVE-2015-0560
|
2024-11-21 11:23 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277733
|
- |
|
opensuse
wireshark
|
opensuse
wireshark
|
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of …
|
NVD-CWE-Other
|
CVE-2015-0559
|
2024-11-21 11:23 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277734
|
- |
|
banner_effect_header_project
|
banner_effect_header
|
Cross-site request forgery (CSRF) vulnerability in the Banner Effect Header plugin 1.2.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct…
|
CWE-352
Origin Validation Error
|
CVE-2015-0920
|
2024-11-21 11:23 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277735
|
- |
|
sefrengo
|
sefrengo
|
Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow remote administrators to execute arbitrary SQL commands via the (1) idcat or (2) idclient parameter…
|
CWE-89
SQL Injection
|
CVE-2015-0919
|
2024-11-21 11:23 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277736
|
- |
|
sefrengo
|
sefrengo
|
Cross-site scripting (XSS) vulnerability in the administrative backend in Sefrengo before 1.6.1 allows remote attackers to inject arbitrary web script or HTML via the searchterm parameter to backend/…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0918
|
2024-11-21 11:23 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277737
|
- |
|
kajona
|
kajona
|
Cross-site scripting (XSS) vulnerability in the backend in Kajona before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0917
|
2024-11-21 11:23 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277738
|
8.8 |
HIGH
Network
|
o-dyn
debian
canonical
|
collabtive
debian_linux
ubuntu_linux
|
Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a f…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2015-0258
|
2024-11-21 11:22 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277739
|
8.1 |
HIGH
Network
|
ibm
|
workflow
|
IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wi…
|
CWE-287
Improper Authentication
|
CVE-2015-0102
|
2024-11-21 11:22 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277740
|
7.5 |
HIGH
Network
|
gnu
debian
redhat
|
gnutls
debian_linux
enterprise_linux
|
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0294
|
2024-11-21 11:22 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
