|
276881
|
- |
|
microsoft
|
vbscript
internet_explorer
|
vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 8 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service (mem…
|
CWE-399
Resource Management Errors
|
CVE-2015-0032
|
2024-11-21 11:22 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276882
|
- |
|
microsoft
|
windows_server_2008
windows_2003_server
windows_server_2012
|
The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to …
|
CWE-254
7PK - Security Features
|
CVE-2015-0005
|
2024-11-21 11:22 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276883
|
- |
|
redhat
|
openstack
|
The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (horizon) allows remote attackers to read arbitrary files via a crafted path.
|
CWE-200
Information Exposure
|
CVE-2015-0271
|
2024-11-21 11:22 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276884
|
- |
|
pivotal_software
vmware
|
spring_framework
|
The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ids, which allows remote attackers to send messages to other sessions via unspecified vectors.
|
CWE-254
7PK - Security Features
|
CVE-2015-0201
|
2024-11-21 11:22 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276885
|
- |
|
apache
canonical
|
standard_taglibs
ubuntu_linux
|
Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform…
|
NVD-CWE-Other
|
CVE-2015-0254
|
2024-11-21 11:22 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276886
|
- |
|
apache
canonical
apple
opensuse
|
http_server
ubuntu_linux
mac_os_x
mac_os_x_server
opensuse
|
The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server through 2.4.12 allows remote attackers to cause a denial of service (child-process crash) by sending a…
|
CWE-20
Improper Input Validation
|
CVE-2015-0228
|
2024-11-21 11:22 |
2015-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276887
|
- |
|
linux
canonical
debian
oracle
redhat
|
linux_kernel
ubuntu_linux
debian_linux
linux
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
|
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a…
|
CWE-269
Improper Privilege Management
|
CVE-2015-0239
|
2024-11-21 11:22 |
2015-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276888
|
- |
|
redhat
samba
novell
canonical
|
enterprise_linux
samba
suse_linux_enterprise_server
suse_linux_enterprise_desktop
suse_linux_enterprise_software_development_kit
ubuntu_linux
|
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized st…
|
CWE-17
Code
|
CVE-2015-0240
|
2024-11-21 11:22 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276889
|
- |
|
adobe
|
flash_player
|
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary…
|
NVD-CWE-Other
|
CVE-2015-0331
|
2024-11-21 11:22 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276890
|
- |
|
textangular
|
textangular
|
Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0167
|
2024-11-21 11:22 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
