|
276701
|
- |
|
apache
|
ambari
|
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to obtain sensitive infor…
|
CWE-200
Information Exposure
|
CVE-2015-4928
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276702
|
- |
|
redhat
fedoraproject
qemu
|
openstack
fedora
qemu
|
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5225
|
2024-11-21 11:32 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276703
|
- |
|
redhat
|
openshift
|
Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handle…
|
CWE-22
Path Traversal
|
CVE-2015-5305
|
2024-11-21 11:32 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276704
|
- |
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenticated DataStage users to bypass intended job-execution restrictions or obtain sensitive information via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5021
|
2024-11-21 11:32 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276705
|
- |
|
ibm
|
tivoli_storage_manager
|
The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4927
|
2024-11-21 11:32 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276706
|
- |
|
wp-championship_project
|
wp-championship
|
Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp-championship plugin 5.8 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user, (2) isadmin, (3…
|
CWE-89
SQL Injection
|
CVE-2015-5308
|
2024-11-21 11:32 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276707
|
- |
|
arm
polarssl
debian
fedoraproject
opensuse
|
mbed_tls
polarssl
debian_linux
fedora
leap
opensuse
|
Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5291
|
2024-11-21 11:32 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276708
|
- |
|
apache
|
ambari
|
Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.
|
NVD-CWE-Other
|
CVE-2015-5210
|
2024-11-21 11:32 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276709
|
- |
|
kallithea-scm
|
kallithea
|
CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login.
|
NVD-CWE-Other
|
CVE-2015-5285
|
2024-11-21 11:32 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276710
|
- |
|
fedoraproject
|
sssd
|
Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause …
|
CWE-399
Resource Management Errors
|
CVE-2015-5292
|
2024-11-21 11:32 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
