|
268901
|
7.5 |
HIGH
Network
|
axway
|
vordel_xml_gateway
|
Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service via a specially crafted request.
|
CWE-20
Improper Input Validation
|
CVE-2015-5606
|
2024-11-21 11:33 |
2019-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268902
|
9.8 |
CRITICAL
Network
|
codeigniter
|
codeigniter
|
SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset vari…
|
CWE-89
SQL Injection
|
CVE-2015-5725
|
2024-11-21 11:33 |
2018-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268903
|
6.5 |
MEDIUM
Network
|
freebsd
|
freebsd
|
The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 before 10.2-RC2-p1, 10.2-RC1 before 10.2-RC1-p2, 10.2 before 10.2-BETA2-p3, and 10.1 before 10.1-RELEASE-p17 allows remote authentica…
|
CWE-20
Improper Input Validation
|
CVE-2015-5674
|
2024-11-21 11:33 |
2018-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268904
|
7.2 |
HIGH
Network
|
count_per_day_project
|
count_per_day
|
SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for WordPress allows remote authenticated administrators to execute arbitrary SQL commands via the cpd_keep…
|
CWE-89
SQL Injection
|
CVE-2015-5533
|
2024-11-21 11:33 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268905
|
6.1 |
MEDIUM
Network
|
strangerstudios
|
paid_memberships_pro
|
Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin before 1.8.4.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) s…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5532
|
2024-11-21 11:33 |
2017-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268906
|
7.8 |
HIGH
Local
|
cumulusnetworks
|
cumulus_linux
|
The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5699
|
2024-11-21 11:33 |
2017-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268907
|
9.8 |
CRITICAL
Network
|
golang
fedoraproject
redhat
|
go
fedora
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_server
enterprise_linux_server_eus
|
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request with two Co…
|
CWE-444
HTTP Request Smuggling
|
CVE-2015-5740
|
2024-11-21 11:33 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268908
|
9.8 |
CRITICAL
Network
|
golang
fedoraproject
redhat
|
go
fedora
enterprise_linux_server_aus
enterprise_linux_server_tus
enterprise_linux_server
enterprise_linux_server_eus
|
The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP header keys, which allows remote attackers to conduct HTTP request smuggling attacks via a space instea…
|
CWE-444
HTTP Request Smuggling
|
CVE-2015-5739
|
2024-11-21 11:33 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268909
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileges or cause a denial of service (kernel panic).
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5675
|
2024-11-21 11:33 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268910
|
7.4 |
HIGH
Network
|
dwango
|
niconico
|
niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers to execute man-in-the-middle attacks.
|
CWE-295
Improper Certificate Validation
|
CVE-2015-5639
|
2024-11-21 11:33 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
