|
274761
|
3.7 |
LOW
Network
|
openssl
canonical
hp
ibm
oracle
debian
suse
apple
mozilla
opera
microsoft
google
|
openssl
ubuntu_linux
hp-ux
content_manager
jrockit
debian_linux
jdk
jre
linux_enterprise_server
linux_enterprise_software_development_kit
linux_enterprise_desktop
sus…
|
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to c…
|
CWE-310
Cryptographic Issues
|
CVE-2015-4000
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274762
|
- |
|
valvesoftware
|
steam_client
|
The client detection protocol in Valve Steam allows remote attackers to cause a denial of service (process crash) via a crafted response to a broadcast packet.
|
CWE-20
Improper Input Validation
|
CVE-2015-4016
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274763
|
- |
|
piriform
|
ccleaner
|
Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting files, which allows local users to obtain sensitive information by searching unallocated disk space.
|
CWE-200
Information Exposure
|
CVE-2015-3999
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274764
|
- |
|
sonicwall
|
uma_em5000_firmware
global_management_system
analyzer
|
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configu…
|
CWE-19
Data Processing Errors
|
CVE-2015-3990
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274765
|
- |
|
google
|
v8
chrome
|
Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknow…
|
NVD-CWE-noinfo
|
CVE-2015-3910
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274766
|
- |
|
openstack
oracle
|
horizon
solaris
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3988
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274767
|
- |
|
dcraw_project
fedoraproject
|
dcraw
fedora
|
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to t…
|
CWE-189
Numeric Errors
|
CVE-2015-3885
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274768
|
- |
|
concrete5
|
concrete5
|
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to private messages or other unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3989
|
2024-11-21 11:30 |
2015-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274769
|
- |
|
mcafee
|
epo_deep_command
|
Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via un…
|
CWE-426
Untrusted Search Path
|
CVE-2015-3987
|
2024-11-21 11:30 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274770
|
- |
|
thecartpress
|
thecartpress_ecommerce_shopping_cart
|
Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attacke…
|
CWE-352
Origin Validation Error
|
CVE-2015-3986
|
2024-11-21 11:30 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
