|
280461
|
- |
|
fedoraproject
oracle
7-zip
|
fedora
solaris
p7zip
|
p7zip 9.20.1 allows remote attackers to write to arbitrary files via a symlink attack in an archive.
|
CWE-59
Link Following
|
CVE-2015-1038
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280462
|
- |
|
siemens
|
simatic_s7_1200_cpu_firmware
|
Open redirect vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1 allows remote attackers to redirect users to arbitrary web sites and conduct p…
|
NVD-CWE-Other
|
CVE-2015-1048
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280463
|
- |
|
getusedtoit
|
wp_slimstat
|
Cross-site scripting (XSS) vulnerability in the Save Filters functionality in the WP Slimstat plugin before 3.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1204
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280464
|
- |
|
serve-static_project
|
serve-static
|
Open redirect vulnerability in the serve-static plugin before 1.7.2 for Node.js, when mounted at the root, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attack…
|
NVD-CWE-Other
|
CVE-2015-1164
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280465
|
- |
|
kiwix
|
kiwix
|
Cross-site scripting (XSS) vulnerability in Kiwix before 0.9.1, when using kiwix-serve, allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to /search.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1032
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280466
|
- |
|
dlink
|
dsl-2730b_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2730B router (rev C1) with firmware GE_1.01 allow remote authenticated users to inject arbitrary web script or HTML via the (1) domai…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1028
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280467
|
- |
|
privoxy
|
privoxy
|
Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are…
|
NVD-CWE-noinfo
|
CVE-2015-1201
|
2024-11-21 11:24 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280468
|
- |
|
privoxy
|
privoxy
|
Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are…
|
CWE-399
Resource Management Errors
|
CVE-2015-1030
|
2024-11-21 11:24 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280469
|
- |
|
oracle
libpng
apple
|
solaris
libpng
mac_os_x
|
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a larg…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0973
|
2024-11-21 11:24 |
2015-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280470
|
- |
|
ceragon
|
fiberair_ip-10g
fiberair_ip-10e
fiberair_ip-10c
|
Ceragon FibeAir IP-10 bridges have a default password for the root account, which makes it easier for remote attackers to obtain access via a (1) HTTP, (2) SSH, (3) TELNET, or (4) CLI session.
|
CWE-255
Credentials Management
|
CVE-2015-0924
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
