|
277471
|
- |
|
linux
|
linux_kernel
|
The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5156
|
2024-11-21 11:32 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277472
|
- |
|
ibm
|
vios
aix
|
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4948
|
2024-11-21 11:32 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277473
|
- |
|
ibm
|
license_metric_tool
|
IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2.1.0 allow remote authenticated users to bypass intended access restrictions and obtain sensitive i…
|
CWE-200
Information Exposure
|
CVE-2015-4929
|
2024-11-21 11:32 |
2015-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277474
|
- |
|
fedoraproject
redhat
opensuse
|
fedora
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_hpc_node
opensuse
icedtea
|
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned applets, which allows remote attackers to bypass the approval process or trick users into approving …
|
CWE-20
Improper Input Validation
|
CVE-2015-5235
|
2024-11-21 11:32 |
2015-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277475
|
- |
|
redhat
opensuse
fedoraproject
|
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
opensuse
icedtea
fedora
|
IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows remote attackers to inject applets into the .appletTrustSettings configuration file and bypass use…
|
CWE-20
Improper Input Validation
|
CVE-2015-5234
|
2024-11-21 11:32 |
2015-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277476
|
- |
|
ibm
|
emptoris_sourcing
|
IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 10.0.2.3, 10.0.2.5 before iFix4, 10.0.2.6 before iFix8, 10.0.2.7 before iFix1, and 10.0.4.x before iFix2 allows remote authenticat…
|
CWE-200
Information Exposure
|
CVE-2015-5024
|
2024-11-21 11:32 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277477
|
- |
|
ibm
|
b2b_advanced_communications
|
IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2, when access by guests is enabled, place an internal hostname and a p…
|
CWE-200
Information Exposure
|
CVE-2015-5022
|
2024-11-21 11:32 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277478
|
- |
|
ibm
|
sterling_b2b_integrator
|
IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-4992
|
2024-11-21 11:32 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277479
|
- |
|
ibm
|
b2b_advanced_communications
|
Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2 allows remote attackers t…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4973
|
2024-11-21 11:32 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277480
|
- |
|
ibm
|
emptoris
emptoris_program_management
|
Cross-site scripting (XSS) vulnerability in IBM Emptoris Strategic Supply Management Platform and Emptoris Program Management 10.x before 10.0.1.4_iFix3, 10.0.2.x before 10.0.2.7_iFix1, 10.0.3.x befo…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4971
|
2024-11-21 11:32 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
