|
270071
|
- |
|
panasonic
|
security_api_activex_sdk
|
Multiple stack-based buffer overflows in Ipropsapi in Panasonic Security API (PS-API) ActiveX SDK before 8.10.18 allow remote attackers to execute arbitrary code via a long string in the (1) FilePass…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4647
|
2024-11-21 11:31 |
2015-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270072
|
- |
|
open-emr
|
openemr
|
interface/globals.php in OpenEMR 2.x, 3.x, and 4.x before 4.2.0 patch 2 allows remote attackers to bypass authentication and obtain sensitive information via an ignoreAuth=1 value to certain scripts,…
|
CWE-287
Improper Authentication
|
CVE-2015-4453
|
2024-11-21 11:31 |
2015-07-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270073
|
- |
|
emc
|
isilon_onefs
|
The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute ar…
|
CWE-77
Command Injection
|
CVE-2015-4525
|
2024-11-21 11:31 |
2015-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270074
|
- |
|
emc
|
documentum_webtop
documentum_administrator
documentum_taskspace
documentum_digital_asset_manager
documentum_web_publisher
|
Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2015-4524
|
2024-11-21 11:31 |
2015-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270075
|
- |
|
wvware
|
libwmf
|
Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) via a crafted WMF file to the (1) wmf2gd or (2) wmf2eps command.
|
NVD-CWE-Other
|
CVE-2015-4696
|
2024-11-21 11:31 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270076
|
- |
|
wvware
|
libwmf
|
meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WMF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4695
|
2024-11-21 11:31 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270077
|
- |
|
opensuse
wvware
fedoraproject
|
opensuse
libwmf
fedora
|
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length coun…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4588
|
2024-11-21 11:31 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270078
|
- |
|
nextendweb
|
facebook_connect
|
Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-connect.php in Nextend Facebook Connect plugin before 1.5.6 for WordPress allows remote attackers to in…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4413
|
2024-11-21 11:31 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270079
|
- |
|
audiosharescript
|
audioshare
|
PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config['basedir'] parameter.
|
CWE-94
Code Injection
|
CVE-2015-4726
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270080
|
- |
|
audiosharescript
|
audioshare
|
Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the email parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4725
|
2024-11-21 11:31 |
2015-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
