|
272351
|
- |
|
google
|
chrome
|
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not check whether a node is expected, which allows remote atta…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1291
|
2024-11-21 11:25 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272352
|
- |
|
polycom
|
realpresence_cloudaxis_suite
|
Cross-site scripting (XSS) vulnerability in Polycom RealPresence CloudAXIS Suite before 1.7.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1516
|
2024-11-21 11:25 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272353
|
- |
|
linux
|
linux_kernel
|
Memory leak in the __key_link_end function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service (memory consumption) via many add_key system cal…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1333
|
2024-11-21 11:25 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272354
|
- |
|
linuxcontainers
|
lxc
|
attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1…
|
CWE-17
Code
|
CVE-2015-1334
|
2024-11-21 11:25 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272355
|
- |
|
linuxcontainers
|
lxc
|
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
|
CWE-59
Link Following
|
CVE-2015-1331
|
2024-11-21 11:25 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272356
|
- |
|
symantec
|
endpoint_protection_manager
|
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.
|
CWE-20
Improper Input Validation
|
CVE-2015-1492
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272357
|
- |
|
symantec
|
endpoint_protection_manager
|
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via u…
|
CWE-89
SQL Injection
|
CVE-2015-1491
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272358
|
- |
|
symantec
|
endpoint_protection_manager
|
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a rel…
|
CWE-22
Path Traversal
|
CVE-2015-1490
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272359
|
- |
|
symantec
|
endpoint_protection_manager
|
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1489
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272360
|
- |
|
symantec
|
endpoint_protection_manager
|
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown v…
|
CWE-200
Information Exposure
|
CVE-2015-1488
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
