|
273541
|
- |
|
privoxy
|
privoxy
|
Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are…
|
CWE-399
Resource Management Errors
|
CVE-2015-1030
|
2024-11-21 11:24 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273542
|
- |
|
oracle
libpng
apple
|
solaris
libpng
mac_os_x
|
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a larg…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0973
|
2024-11-21 11:24 |
2015-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273543
|
- |
|
ceragon
|
fiberair_ip-10g
fiberair_ip-10e
fiberair_ip-10c
|
Ceragon FibeAir IP-10 bridges have a default password for the root account, which makes it easier for remote attackers to obtain access via a (1) HTTP, (2) SSH, (3) TELNET, or (4) CLI session.
|
CWE-255
Credentials Management
|
CVE-2015-0924
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273544
|
- |
|
puppet
|
stdlib
|
The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1029
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273545
|
- |
|
insanevisions
|
adaptcms
|
Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP…
|
NVD-CWE-Other
|
CVE-2015-1060
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273546
|
- |
|
insanevisions
|
adaptcms
|
Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it…
|
CWE-94
Code Injection
|
CVE-2015-1059
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273547
|
- |
|
insanevisions
|
adaptcms
|
Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Category][title] parameter to admin/categories/add…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1058
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273548
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2.0.0 allows remote attackers to inject arbitrary web script or HTML via the "Real Name" value.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1057
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273549
|
- |
|
brother
|
mfc-j4410dw_firmware
mfc-j4410dw
|
Cross-site scripting (XSS) vulnerability in Brother MFC-J4410DW printer with firmware before L allows remote attackers to inject arbitrary web script or HTML via the url parameter to general/status.h…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1056
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273550
|
- |
|
10web
|
photo_gallery
|
SQL injection vulnerability in the Photo Gallery plugin 1.2.7 for WordPress allows remote attackers to execute arbitrary SQL commands via the order_by parameter in a GalleryBox action to wp-admin/adm…
|
CWE-89
SQL Injection
|
CVE-2015-1055
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
