|
273241
|
- |
|
ibm
|
security_qradar_incident_forensics
|
SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-1989
|
2024-11-21 11:26 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273242
|
- |
|
apache
|
ambari
|
Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured servic…
|
NVD-CWE-Other
|
CVE-2015-1775
|
2024-11-21 11:26 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273243
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unkno…
|
NVD-CWE-noinfo
|
CVE-2015-1829
|
2024-11-21 11:26 |
2015-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273244
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1814
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273245
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerabili…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1813
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273246
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerabili…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1812
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273247
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1810
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273248
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool installation) via crafted update center data.
|
CWE-20
Improper Input Validation
|
CVE-2015-1808
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273249
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building …
|
CWE-22
Path Traversal
|
CVE-2015-1807
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273250
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1806
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
