|
276721
|
- |
|
ibm
|
openpages_grc_platform
|
IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to modify arbitrary user filters via a JSON request.
|
CWE-284
Improper Access Control
|
CVE-2015-0141
|
2024-11-21 11:22 |
2015-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276722
|
- |
|
open_source_point_of_sale_project
|
open_source_point_of_sale
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Source Point of Sale 2.3.1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0299
|
2024-11-21 11:22 |
2015-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276723
|
- |
|
redhat
|
mod_cluster
|
Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Alpha1 allows remote attackers to inject arbitrary web script or HTML via a crafted MCMP message.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0298
|
2024-11-21 11:22 |
2015-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276724
|
- |
|
picketlink
|
picketlink
|
The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to ot…
|
CWE-284
Improper Access Control
|
CVE-2015-0277
|
2024-11-21 11:22 |
2015-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276725
|
- |
|
apache
apple
oracle
|
http_server
mac_os_x
mac_os_x_server
solaris
linux
|
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NUL…
|
NVD-CWE-Other
|
CVE-2015-0253
|
2024-11-21 11:22 |
2015-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276726
|
- |
|
ibm
|
db2
|
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by leveragin…
|
CWE-20
Improper Input Validation
|
CVE-2015-0157
|
2024-11-21 11:22 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276727
|
- |
|
ibm
|
rational_doors_next_generation
rational_team_concert
rational_collaborative_lifecycle_management
rational_requirements_composer
rational_quality_manager
|
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Qualit…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0130
|
2024-11-21 11:22 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276728
|
- |
|
ibm
redhat
suse
|
java
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_server_eus
linux_enterprise_server
linux_enterpris…
|
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via…
|
NVD-CWE-noinfo
|
CVE-2015-0192
|
2024-11-21 11:22 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276729
|
- |
|
ibm
|
websphere_commerce
|
CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 Cumulative iFix 2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response…
|
NVD-CWE-Other
|
CVE-2015-0196
|
2024-11-21 11:22 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276730
|
- |
|
ibm
|
leads
|
Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before …
|
CWE-79
Cross-site Scripting
|
CVE-2015-0131
|
2024-11-21 11:22 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
