|
285961
|
- |
|
ibm
|
security_access_manager_for_web_7.0_firmware security_access_manager_for_web_8.0_firmware
|
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not l…
|
CWE-200
Information Exposure
|
CVE-2015-1892
|
2024-11-21 11:26 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285962
|
- |
|
hp
|
operations_orchestration
|
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2109
|
2024-11-21 11:26 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285963
|
- |
|
hp
|
operations_orchestration
|
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
|
CWE-200
Information Exposure
|
CVE-2015-2108
|
2024-11-21 11:26 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285964
|
- |
|
hp
|
integrated_lights-out_3_firmware integrated_lights-out_2_firmware integrated_lights-out_4_firmware
|
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial o…
|
NVD-CWE-noinfo
|
CVE-2015-2106
|
2024-11-21 11:26 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285965
|
- |
|
dokuwiki
|
dokuwiki
|
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via …
|
CWE-284
Improper Access Control
|
CVE-2015-2172
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285966
|
- |
|
slimframework
|
slim
|
Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data.
|
CWE-94
Code Injection
|
CVE-2015-2171
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285967
|
- |
|
freeipa fedoraproject
|
freeipa fedora
|
The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of ser…
|
CWE-19
Data Processing Errors
|
CVE-2015-1827
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285968
|
- |
|
selinux fedoraproject
|
setroubleshoot fedora
|
The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name.
|
CWE-77
Command Injection
|
CVE-2015-1815
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285969
|
- |
|
fedoraproject debian opensuse putty simon_tatham
|
fedora debian_linux opensuse putty
|
The (1) ssh2_load_userkey and (2) ssh2_save_userkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information …
|
CWE-200
Information Exposure
|
CVE-2015-2157
|
2024-11-21 11:26 |
2015-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
285970
|
- |
|
debian fedoraproject opensuse oracle tcpdump
|
debian_linux fedora opensuse solaris tcpdump
|
The force printer in tcpdump before 4.7.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2155
|
2024-11-21 11:26 |
2015-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|