|
268971
|
- |
|
lockon
|
ec-cube
|
Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.3 allows remote attackers to hijack the authentication of arbitrary users for requests that write to PHP scripts,…
|
CWE-352
Origin Validation Error
|
CVE-2015-5665
|
2024-11-21 11:33 |
2015-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268972
|
- |
|
numara
|
asset_manager
|
HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-5448
|
2024-11-21 11:33 |
2015-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268973
|
- |
|
linux
canonical
debian
suse
|
linux_kernel
ubuntu_linux
debian_linux
suse_linux_enterprise_server
suse_linux_enterprise_desktop
|
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-5707
|
2024-11-21 11:33 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268974
|
- |
|
airdroid
|
airdroid
|
The SAND STUDIO AirDroid application 1.1.0 and earlier for Android mishandles implicit intents, which allows attackers to obtain sensitive information via a crafted application.
|
CWE-200
Information Exposure
|
CVE-2015-5661
|
2024-11-21 11:33 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268975
|
- |
|
avast
|
avast_antivirus
|
Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or write to arbitrary files via a crafted entry in a ZIP archive.
|
CWE-22
Path Traversal
|
CVE-2015-5662
|
2024-11-21 11:33 |
2015-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268976
|
- |
|
hp
|
smart_profile_server_data_analytics_layer
|
Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profile Server Data Analytics Layer (SPS DAL) 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5444
|
2024-11-21 11:33 |
2015-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268977
|
- |
|
veeam
|
veeam_backup_\&_replication
|
VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator credentials in log files with world-readable permissions, which allows local users to obtain sensitive…
|
CWE-200
Information Exposure
|
CVE-2015-5742
|
2024-11-21 11:33 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268978
|
- |
|
extplorer
|
extplorer
|
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.
|
CWE-352
Origin Validation Error
|
CVE-2015-5660
|
2024-11-21 11:33 |
2015-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268979
|
- |
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Co…
|
CWE-416
Use After Free
|
CVE-2015-5586
|
2024-11-21 11:33 |
2015-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268980
|
- |
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 o…
|
CWE-200
Information Exposure
|
CVE-2015-5583
|
2024-11-21 11:33 |
2015-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
