|
278551
|
- |
|
redhat
|
kexec-tools
|
The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-19 packages in Red Hat Enterprise Linux, allows local users to write to arbitrary files via a symlin…
|
NVD-CWE-Other
|
CVE-2015-0267
|
2024-11-21 11:22 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278552
|
- |
|
fedoraproject
libuv_project
nodejs
|
fedora
libuv
node.js
|
libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attackers to gain privileges via unspecified vectors.
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2015-0278
|
2024-11-21 11:22 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278553
|
- |
|
redhat
|
enterprise_virtualization_manager
|
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0257
|
2024-11-21 11:22 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278554
|
- |
|
redhat
|
enterprise_virtualization_manager
|
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users t…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0237
|
2024-11-21 11:22 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278555
|
- |
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly implement authData elements, which allows remote authenticated users to gain privileges via unspecified vec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0175
|
2024-11-21 11:22 |
2015-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278556
|
- |
|
ibm
|
websphere_application_server
|
The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not properly handle configuration data, which allows remote authenticated users to obtain sensitive informati…
|
CWE-200
Information Exposure
|
CVE-2015-0174
|
2024-11-21 11:22 |
2015-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278557
|
- |
|
ibm
|
websphere_mq
|
Cross-site scripting (XSS) vulnerability in MQ XR WebSockets Listener in WMQ Telemetry in IBM WebSphere MQ 8.0 before 8.0.0.2 allows remote attackers to inject arbitrary web script or HTML via a craf…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0176
|
2024-11-21 11:22 |
2015-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278558
|
- |
|
ibm
|
rational_software_architect_design_manager
rational_team_concert
rational_rhapsody_design_manager
rational_collaborative_lifecycle_management
rational_requirements_composer
rational_do…
|
The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational Quality Manager 4.0 through 4.0.7 and 5.0 through 5.0.2, Rational Team Concert 4.0 through 4.0.7 an…
|
CWE-200
Information Exposure
|
CVE-2015-0113
|
2024-11-21 11:22 |
2015-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278559
|
- |
|
redhat
|
jboss_operations_network
|
Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allows remote attackers to execute arbitrary Java methods via the (1) ServerInvokerServlet or (2) Sched…
|
CWE-284
Improper Access Control
|
CVE-2015-0297
|
2024-11-21 11:22 |
2015-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278560
|
- |
|
ibm
|
domino
|
IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute arbitrary code or cause a denial of service (integer truncation and application crash) via a crafte…
|
CWE-189
Numeric Errors
|
CVE-2015-0135
|
2024-11-21 11:22 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
