|
272151
|
- |
|
ibm
|
websphere_application_server
|
Multiple race conditions in IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 allow remote authenticated users to gain privileges by leveraging thread conflicts that result in…
|
CWE-362
Race Condition
|
CVE-2015-1882
|
2024-11-21 11:26 |
2015-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272152
|
- |
|
ibm
|
websphere_portal
|
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through CF05,…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1908
|
2024-11-21 11:26 |
2015-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272153
|
- |
|
ibm
|
websphere_portal
|
The Remote Document Conversion Service (DCS) in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF16, and 8.5.0 through C…
|
CWE-399
Resource Management Errors
|
CVE-2015-1886
|
2024-11-21 11:26 |
2015-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272154
|
- |
|
ibm
|
infosphere_biginsights
|
The Big SQL component in IBM InfoSphere BigInsights 3.0 through 3.0.0.2 allows remote authenticated users to bypass intended HDFS data-access restrictions via (1) a crafted CREATE HADOOP TABLE statem…
|
CWE-89
SQL Injection
|
CVE-2015-1889
|
2024-11-21 11:26 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272155
|
- |
|
linux
|
linux_kernel
|
net/rds/sysctl.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or possibly hav…
|
CWE-17
Code
|
CVE-2015-2042
|
2024-11-21 11:26 |
2015-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272156
|
- |
|
suse
linux
debian
|
suse_linux_enterprise_server
linux_kernel
debian_linux
|
net/llc/sysctl_net_llc.c in the Linux kernel before 3.19 uses an incorrect data type in a sysctl table, which allows local users to obtain potentially sensitive information from kernel memory or poss…
|
CWE-17
Code
|
CVE-2015-2041
|
2024-11-21 11:26 |
2015-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272157
|
- |
|
openstack
canonical
|
swift
ubuntu_linux
|
OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the x-vers…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1856
|
2024-11-21 11:26 |
2015-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272158
|
- |
|
openstack
canonical
|
keystonemiddleware
python-keystoneclient
ubuntu_linux
|
The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste configurat…
|
CWE-17
Code
|
CVE-2015-1852
|
2024-11-21 11:26 |
2015-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272159
|
- |
|
debian
tuxfamily
|
debian_linux
chrony
|
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitia…
|
CWE-17
Code
|
CVE-2015-1822
|
2024-11-21 11:26 |
2015-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272160
|
- |
|
tuxfamily
debian
|
chrony
debian_linux
|
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1821
|
2024-11-21 11:26 |
2015-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
