|
269231
|
- |
|
htacg
canonical
debian
apple
|
tidy
ubuntu_linux
debian_linux
mac_os_x
watchos
iphone_os
|
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an hre…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5522
|
2024-11-21 11:33 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269232
|
- |
|
wordpress
debian
|
wordpress
debian_linux
|
WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscribe…
|
CWE-284
Improper Access Control
|
CVE-2015-5623
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269233
|
- |
|
wordpress
debian
|
wordpress
debian_linux
|
Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a cra…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5622
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269234
|
- |
|
openbsd
|
openssh
|
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it ea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5600
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269235
|
- |
|
siemens
|
ruggedcom_rugged_operating_system
ruggedcom_rox_ii_firmware
|
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext …
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2015-5537
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269236
|
- |
|
chiyutw
|
bf-630
bf-630w
|
Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5618
|
2024-11-21 11:33 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269237
|
- |
|
isc
|
bind
|
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
|
CWE-19
Data Processing Errors
|
CVE-2015-5477
|
2024-11-21 11:33 |
2015-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269238
|
- |
|
google
opensuse
|
chrome
opensuse
|
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash)…
|
CWE-17
Code
|
CVE-2015-5605
|
2024-11-21 11:33 |
2015-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269239
|
- |
|
gemalto
|
safenet_luna_pci-e
safenet_luna_sa
safenet_luna_g5
|
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.
|
CWE-284
Improper Access Control
|
CVE-2015-5464
|
2024-11-21 11:33 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269240
|
- |
|
fca
|
uconnect
|
Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles (FCA) from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehi…
|
NVD-CWE-noinfo
|
CVE-2015-5611
|
2024-11-21 11:33 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
