|
266901
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox_os
|
Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8510
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266902
|
6.1 |
MEDIUM
Network
|
getsymphony
|
symphony
|
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Navigation Group, or (3) Label parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2015-8376
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266903
|
9.0 |
CRITICAL
Network
|
canonical
pygments
|
ubuntu_linux
pygments
|
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.
|
CWE-78
OS Command
|
CVE-2015-8557
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266904
|
9.8 |
CRITICAL
Network
|
libtiff
oracle
redhat
|
libtiff
vm_server
linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
|
Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service …
|
CWE-787
Out-of-bounds Write
|
CVE-2015-8668
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266905
|
5.0 |
MEDIUM
Network
|
xen
|
xen
|
The hvm_set_callback_via function in arch/x86/hvm/irq.c in Xen 4.6 does not limit the number of printk console messages when logging the new callback method, which allows local HVM guest OS users to …
|
CWE-254
7PK - Security Features
|
CVE-2015-8615
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266906
|
8.4 |
HIGH
Local
|
blueman_project
|
blueman
|
The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8612
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266907
|
7.4 |
HIGH
Network
|
bluecoat
|
proxysg
advanced_secure_gateway
|
Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phi…
|
NVD-CWE-Other
|
CVE-2015-8597
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266908
|
7.5 |
HIGH
Network
|
quassel-irc
opensuse
|
quassel
leap
opensuse
|
The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a quer…
|
CWE-17
Code
|
CVE-2015-8547
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266909
|
3.1 |
LOW
Network
|
atlassian
|
jira_core
jira_server
jira_service_desk
|
Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer attaches the wrong image to e-mail notifications when a user views an issue with inline wiki markup r…
|
CWE-200
Information Exposure
|
CVE-2015-8481
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266910
|
4.0 |
MEDIUM
Local
|
huawei
|
document_security_management
|
Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear the clipboard when closing a secure file, which allows local users to obtain sensitive information by p…
|
CWE-200
Information Exposure
|
CVE-2015-8303
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
