|
267521
|
- |
|
apple
|
mac_os_x
|
libxpc in launchd in Apple OS X before 10.11 does not restrict the creation of processes for network connections, which allows remote attackers to cause a denial of service (resource consumption) by …
|
CWE-399
Resource Management Errors
|
CVE-2015-7760
|
2024-11-21 11:37 |
2015-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267522
|
- |
|
google
|
android
|
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to cause a denial of service (process crash) via unspecified vectors, aka internal bug 22278703, a different …
|
NVD-CWE-noinfo
|
CVE-2015-7718
|
2024-11-21 11:37 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267523
|
- |
|
google
|
android
|
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 19573085, a different vulnerability than CVE-2…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7717
|
2024-11-21 11:37 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267524
|
- |
|
google
|
android
|
libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 2072105…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7716
|
2024-11-21 11:37 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267525
|
- |
|
cisco
|
vpn_client
|
Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the Applica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7600
|
2024-11-21 11:37 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267526
|
- |
|
email-address_project
|
email-address
|
Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string c…
|
CWE-20
CWE-399
Improper Input Validation
Resource Management Errors
|
CVE-2015-7686
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267527
|
- |
|
arkeia
|
western_digital_arkeia
|
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted req…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7709
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267528
|
- |
|
4homepages
|
4images
|
Cross-site scripting (XSS) vulnerability in 4images 1.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat_description parameter in an updatecat action to admin…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7708
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267529
|
- |
|
igniterealtime
|
openfire
|
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7707
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267530
|
- |
|
glpi-project
|
glpi
|
GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the _profiles_id parameter to front/user.form.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7685
|
2024-11-21 11:37 |
2015-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
