|
274011
|
- |
|
dlink
|
dsl-2730b_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2730B router (rev C1) with firmware GE_1.01 allow remote authenticated users to inject arbitrary web script or HTML via the (1) domai…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1028
|
2024-11-21 11:24 |
2015-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274012
|
- |
|
privoxy
|
privoxy
|
Privoxy before 3.0.22 allows remote attackers to cause a denial of service (file descriptor consumption) via unspecified vectors. NOTE: the provenance of this information is unknown; the details are…
|
NVD-CWE-noinfo
|
CVE-2015-1201
|
2024-11-21 11:24 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274013
|
- |
|
privoxy
|
privoxy
|
Memory leak in the rfc2553_connect_to function in jbsocket.c in Privoxy before 3.0.22 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests that are…
|
CWE-399
Resource Management Errors
|
CVE-2015-1030
|
2024-11-21 11:24 |
2015-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274014
|
- |
|
oracle
libpng
apple
|
solaris
libpng
mac_os_x
|
Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x before 1.6.16 allows context-dependent attackers to execute arbitrary code via IDAT data with a larg…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0973
|
2024-11-21 11:24 |
2015-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274015
|
- |
|
ceragon
|
fiberair_ip-10g
fiberair_ip-10e
fiberair_ip-10c
|
Ceragon FibeAir IP-10 bridges have a default password for the root account, which makes it easier for remote attackers to obtain access via a (1) HTTP, (2) SSH, (3) TELNET, or (4) CLI session.
|
CWE-255
Credentials Management
|
CVE-2015-0924
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274016
|
- |
|
puppet
|
stdlib
|
The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1029
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274017
|
- |
|
insanevisions
|
adaptcms
|
Open redirect vulnerability in lib/Cake/Controller/Controller.php in AdaptCMS 3.0.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the HTTP…
|
NVD-CWE-Other
|
CVE-2015-1060
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274018
|
- |
|
insanevisions
|
adaptcms
|
Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it…
|
CWE-94
Code Injection
|
CVE-2015-1059
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274019
|
- |
|
insanevisions
|
adaptcms
|
Multiple cross-site scripting (XSS) vulnerabilities in AdaptCMS 3.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) data[Category][title] parameter to admin/categories/add…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1058
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274020
|
- |
|
e107
|
e107
|
Cross-site scripting (XSS) vulnerability in usersettings.php in e107 2.0.0 allows remote attackers to inject arbitrary web script or HTML via the "Real Name" value.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1057
|
2024-11-21 11:24 |
2015-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
