|
272021
|
5.4 |
MEDIUM
Network
|
content_text_slider_on_post_project
|
content_text_slider_on_post
|
The Content text slider on post WordPress plugin before 6.9 does not sanitise and escape the Title and Message/Content settings, which could lead to Cross-Site Scripting issues
|
-
|
CVE-2015-20019
|
2024-11-21 11:26 |
2021-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272022
|
7.5 |
HIGH
Network
|
sap
|
businessobjects_edge
|
The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary files via a full pathname, aka SAP Note 2018681.
|
CWE-22
Path Traversal
|
CVE-2015-2074
|
2024-11-21 11:26 |
2021-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272023
|
7.5 |
HIGH
Network
|
sap
|
businessobjects_edge
|
The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to read arbitrary files via a full pathname, aka SAP Note 2018682.
|
CWE-22
Path Traversal
|
CVE-2015-2073
|
2024-11-21 11:26 |
2021-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272024
|
8.8 |
HIGH
Network
|
webgate
|
edvr_manager
control_center
|
Multiple stack-based buffer overflows in WebGate eDVR Manager and Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) TCPDiscover or (2) TCPDiscover2 fu…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-2100
|
2024-11-21 11:26 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272025
|
8.8 |
HIGH
Network
|
webgateinc
|
control_center
|
Multiple buffer overflows in WebGate Control Center allow remote attackers to execute arbitrary code via unspecified vectors to the (1) GetRecFileInfo function in the FileConverter.FileConverterCtrl.…
|
CWE-120
Classic Buffer Overflow
|
CVE-2015-2099
|
2024-11-21 11:26 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272026
|
8.8 |
HIGH
Network
|
webgateinc
|
edvr_manager
|
Multiple stack-based buffer overflows in WebGate eDVR Manager allow remote attackers to execute arbitrary code via unspecified vectors to the (1) Connect, (2) ConnectEx, or (3) ConnectEx2 function in…
|
CWE-120
Classic Buffer Overflow
|
CVE-2015-2098
|
2024-11-21 11:26 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272027
|
8.8 |
HIGH
Network
|
freedesktop
debian
|
xdg-utils
debian_linux
|
The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands…
|
CWE-77
Command Injection
|
CVE-2015-1877
|
2024-11-21 11:26 |
2021-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272028
|
7.5 |
HIGH
Network
|
rust-lang
|
rust
|
In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-20001
|
2024-11-21 11:26 |
2021-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272029
|
7.2 |
HIGH
Network
|
huge-it
|
huge-it_slider
|
Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide paramet…
|
CWE-89
SQL Injection
|
CVE-2015-2062
|
2024-11-21 11:26 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272030
|
7.5 |
HIGH
Network
|
jenkins
|
cloudbees
|
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via a crafted XML document.
|
CWE-611
XXE
|
CVE-2015-1811
|
2024-11-21 11:26 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
