|
270371
|
- |
|
elastic
|
logstash
|
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references …
|
CWE-22
Path Traversal
|
CVE-2015-4152
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270372
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
hostapd
opensuse
|
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remo…
|
NVD-CWE-noinfo
|
CVE-2015-4146
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270373
|
- |
|
w1.fi
opensuse
|
hostapd
opensuse
wpa_supplicant
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of se…
|
CWE-399
Resource Management Errors
|
CVE-2015-4145
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270374
|
- |
|
opensuse
w1.fi
|
opensuse
hostapd
wpa_supplicant
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attacke…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4144
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270375
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
hostapd
opensuse
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4143
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270376
|
- |
|
w1.fi
redhat
opensuse
|
wpa_supplicant
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
hostapd
opensuse
|
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a de…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4142
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270377
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
hostapd
opensuse
|
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a n…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4141
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270378
|
- |
|
ispconfig
|
ispconfig
|
Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remote attackers to hijack the authentication of (1) administrators for requests that create an administ…
|
CWE-352
Origin Validation Error
|
CVE-2015-4119
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270379
|
- |
|
ispconfig
|
ispconfig
|
SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remote authenticated users with monitor permissions to execute arbitrary SQL commands via the server par…
|
CWE-89
SQL Injection
|
CVE-2015-4118
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270380
|
- |
|
elastic
|
kibana
|
Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4093
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
