|
273671
|
8.1 |
HIGH
Network
|
hp
|
linux_imaging_and_printing
|
The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle attackers to execute arbitrary code by leveraging use of a short GPG key id from a keyserver to ve…
|
CWE-320
Key Management Errors
|
CVE-2015-0839
|
2024-11-21 11:23 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273672
|
5.9 |
MEDIUM
Network
|
shidax
|
restaurant_karaoke
|
The Restaurant Karaoke SHIDAX app 1.3.3 and earlier on Android does not verify SSL certificates, which allows remote attackers to obtain sensitive information via a man-in-the-middle attack.
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0904
|
2024-11-21 11:23 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273673
|
6.1 |
MEDIUM
Network
|
cisco
|
cloud_web_security
|
Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revision allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0674
|
2024-11-21 11:23 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273674
|
8.0 |
HIGH
Adjacent
|
samsung
|
galaxy_app
samsung_account_app
|
Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0864
|
2024-11-21 11:23 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273675
|
8.0 |
HIGH
Adjacent
|
samsung
|
galaxy_app
samsung_account_app
|
GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary cod…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0863
|
2024-11-21 11:23 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273676
|
9.8 |
CRITICAL
Network
|
pitivi
|
pitivi
|
The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path.
|
CWE-94
Code Injection
|
CVE-2015-0855
|
2024-11-21 11:23 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273677
|
7.8 |
HIGH
Local
|
shutter-project
|
shutter
|
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action.
|
CWE-19
Data Processing Errors
|
CVE-2015-0854
|
2024-11-21 11:23 |
2016-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273678
|
6.1 |
MEDIUM
Network
|
netiq
|
identity_manager
|
XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0787
|
2024-11-21 11:23 |
2016-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273679
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions…
|
CWE-362
Race Condition
|
CVE-2015-0572
|
2024-11-21 11:23 |
2016-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273680
|
8.0 |
HIGH
Network
|
cisco
|
nx-os
|
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended A…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0721
|
2024-11-21 11:23 |
2016-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
