|
277101
|
8.4 |
HIGH
Local
|
zarafa
fedoraproject
|
zarafa_collaboration_platform
fedora
|
zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain privileges via a symlink attack on /tmp/zarafa-vacation-*.
|
CWE-59
Link Following
|
CVE-2015-6566
|
2024-11-21 11:35 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277102
|
7.8 |
HIGH
Local
|
apple
|
mac_os_x
|
Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6980
|
2024-11-21 11:35 |
2016-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277103
|
6.3 |
MEDIUM
Network
|
vmware
|
player
workstation
esxi
fusion
|
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 all…
|
CWE-284
Improper Access Control
|
CVE-2015-6933
|
2024-11-21 11:35 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277104
|
7.8 |
HIGH
Local
|
dell
|
pre-boot_authentication_driver
|
Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6856
|
2024-11-21 11:35 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277105
|
8.4 |
HIGH
Local
|
hp
|
ucmdb_browser
|
HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors.
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2015-6862
|
2024-11-21 11:35 |
2016-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277106
|
7.8 |
HIGH
Local
|
google
|
android
|
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka i…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6647
|
2024-11-21 11:35 |
2016-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277107
|
6.2 |
MEDIUM
Local
|
google
|
android
|
The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction be…
|
CWE-399
Resource Management Errors
|
CVE-2015-6646
|
2024-11-21 11:35 |
2016-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277108
|
5.0 |
MEDIUM
Local
|
google
|
android
|
SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a denial of service (continuous rebooting) via a crafted application, aka internal bug 23591205.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6645
|
2024-11-21 11:35 |
2016-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277109
|
3.3 |
LOW
Local
|
google
|
android
|
Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information via a crafted application, aka internal bug 24106146.
|
CWE-200
Information Exposure
|
CVE-2015-6644
|
2024-11-21 11:35 |
2016-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277110
|
6.6 |
MEDIUM
Physics
|
google
|
android
|
Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximate attackers to modify settings or bypass a reset protection mechanism via unspecified vectors, aka …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6643
|
2024-11-21 11:35 |
2016-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
