|
269531
|
7.5 |
HIGH
Network
|
redhat
openstack
|
openstack
tripleo_heat_templates
|
The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keystone) before the OpenStack Object Storage (Swift) staticweb middleware in the swiftproxy pipeline w…
|
CWE-200
Information Exposure
|
CVE-2015-5271
|
2024-11-21 11:32 |
2016-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269532
|
8.1 |
HIGH
Network
|
apache
|
camel
|
Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arb…
|
CWE-19
Data Processing Errors
|
CVE-2015-5348
|
2024-11-21 11:32 |
2016-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269533
|
6.5 |
MEDIUM
Network
|
redhat
canonical
|
libvirt
ubuntu_linux
|
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unl…
|
CWE-284
Improper Access Control
|
CVE-2015-5247
|
2024-11-21 11:32 |
2016-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269534
|
7.6 |
HIGH
Network
|
apache
debian
|
subversion
debian_linux
|
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5343
|
2024-11-21 11:32 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269535
|
6.1 |
MEDIUM
Network
|
apache
|
wicket
|
Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5347
|
2024-11-21 11:32 |
2016-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269536
|
6.5 |
MEDIUM
Network
|
apache
|
ranger
|
The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5167
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269537
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance c…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-5158
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269538
|
7.8 |
HIGH
Local
|
apache
|
ldap_studio
directory_studio
|
The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a craf…
|
CWE-77
Command Injection
|
CVE-2015-5349
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269539
|
7.3 |
HIGH
Network
|
redhat
|
openstack
|
The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for rem…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5329
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269540
|
2.5 |
LOW
Local
|
redhat
|
libvirt
|
Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows l…
|
CWE-22
Path Traversal
|
CVE-2015-5313
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
