|
269281
|
- |
|
opendocman
|
opendocman
|
Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5625
|
2024-11-21 11:33 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269282
|
- |
|
freebit
|
elphonebtnv6_activex_control
|
Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5624
|
2024-11-21 11:33 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269283
|
- |
|
isc
apple
|
bind
mac_os_x_server
|
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a …
|
CWE-20
Improper Input Validation
|
CVE-2015-5722
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269284
|
- |
|
geddyjs
|
geddy
|
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the de…
|
CWE-22
Path Traversal
|
CVE-2015-5688
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269285
|
- |
|
octobercms
|
october
|
Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5612
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269286
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5737
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269287
|
- |
|
fortinet
|
forticlient
|
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5736
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269288
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x22…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5735
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269289
|
- |
|
siemens
|
compas
|
The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2015-5717
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269290
|
- |
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other …
|
CWE-416
Use After Free
|
CVE-2015-5706
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
