|
273671
|
- |
|
canonical
opensuse
mozilla
|
ubuntu_linux
opensuse
firefox
|
Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requirements on JavaScript object properties, which allows remote attackers to bypass the Same Origin P…
|
CWE-200
Information Exposure
|
CVE-2015-4478
|
2024-11-21 11:31 |
2015-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273672
|
- |
|
canonical
opensuse
mozilla
|
ubuntu_linux
opensuse
firefox
|
Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allows remote attackers to execute arbitrary code via unspecified use of the Web Audio API.
|
NVD-CWE-Other
|
CVE-2015-4477
|
2024-11-21 11:31 |
2015-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273673
|
- |
|
mozilla
canonical
opensuse
|
firefox
ubuntu_linux
opensuse
|
The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mishandles inconsistent sample formats within MP3 audio data, which allows remote attackers to execute …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4475
|
2024-11-21 11:31 |
2015-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273674
|
- |
|
canonical
opensuse
mozilla
|
ubuntu_linux
opensuse
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
NVD-CWE-noinfo
|
CVE-2015-4474
|
2024-11-21 11:31 |
2015-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273675
|
- |
|
canonical
debian
opensuse
mozilla
|
ubuntu_linux
debian_linux
opensuse
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4473
|
2024-11-21 11:31 |
2015-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273676
|
- |
|
xceedium
|
xsuite
|
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// (quadruple dot double slash) in the lo…
|
CWE-22
Path Traversal
|
CVE-2015-4666
|
2024-11-21 11:31 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273677
|
- |
|
xceedium
|
xsuite
|
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4665
|
2024-11-21 11:31 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273678
|
- |
|
cacti
|
cacti
|
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
|
CWE-89
SQL Injection
|
CVE-2015-4634
|
2024-11-21 11:31 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273679
|
- |
|
mozilla
|
firefox_os
|
Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-4494
|
2024-11-21 11:31 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273680
|
- |
|
timedoctor
|
timedoctor
|
The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2015-4674
|
2024-11-21 11:31 |
2015-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
