|
272361
|
- |
|
xen
fedoraproject
|
xen
fedora
|
Xen 4.5.x and earlier enables certain default backends when emulating a VGA device for an x86 HVM guest qemu even when the configuration disables them, which allows local guest users to obtain access…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2152
|
2024-11-21 11:26 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272362
|
- |
|
mybb
|
mybb
|
Multiple cross-site scripting (XSS) vulnerabilities in the administrative backend in MyBB (aka MyBulletinBoard) before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2149
|
2024-11-21 11:26 |
2015-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272363
|
- |
|
hp
|
operations_manager_i_management_pack
|
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges.
|
CWE-284
Improper Access Control
|
CVE-2015-2107
|
2024-11-21 11:26 |
2015-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272364
|
- |
|
apache
|
mod-gnutls
|
The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof client…
|
CWE-310
Cryptographic Issues
|
CVE-2015-2091
|
2024-11-21 11:26 |
2015-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272365
|
- |
|
debian
libssh2
fedoraproject
|
debian_linux
libssh2
fedora
|
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT pack…
|
CWE-20
Improper Input Validation
|
CVE-2015-1782
|
2024-11-21 11:26 |
2015-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272366
|
- |
|
fedoraproject
debian
xen
|
fedora
debian_linux
xen
|
The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2151
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272367
|
- |
|
ubuntu
xen
linux
|
ubuntu
xen
linux_kernel
|
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2150
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272368
|
- |
|
xen
fedoraproject
debian
|
xen
fedora
debian_linux
|
The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-2045
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272369
|
- |
|
xen
|
xen
|
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involvin…
|
CWE-200
Information Exposure
|
CVE-2015-2044
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272370
|
- |
|
ajsquare
|
zeuscart
|
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2182
|
2024-11-21 11:26 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
