|
269111
|
7.3 |
HIGH
Network
|
php
|
php
|
Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 allows remote attackers to cause a denial of servic…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5590
|
2024-11-21 11:33 |
2016-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269112
|
5.3 |
MEDIUM
Network
|
swim_team_project
|
swim_team
|
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file par…
|
CWE-22
Path Traversal
|
CVE-2015-5471
|
2024-11-21 11:33 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269113
|
5.4 |
MEDIUM
Network
|
hp
|
storeonce_backup_system_software
|
Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5447
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269114
|
7.5 |
HIGH
Adjacent
|
hp
|
storeonce_backup_system_software
|
HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-5446
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269115
|
8.8 |
HIGH
Network
|
hp
|
storeonce_backup_system_software
|
Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown …
|
CWE-352
Origin Validation Error
|
CVE-2015-5445
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269116
|
6.5 |
MEDIUM
Network
|
hp
|
jc653a_hp_12518_dc_switch_chassis
jh179a_hp_flexfabric_5930_4-slot_switch
jg362b_hp_hsr6804_router_chassis
jg834a_hp_flexfabric_12508e_ac_switch_taa-compliant_chassis
jg802a_hp_ff_12500e_…
|
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and fo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5434
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269117
|
7.4 |
HIGH
Local
|
rarlab
|
winrar
|
The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the u…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5663
|
2024-11-21 11:33 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269118
|
- |
|
hp
|
operations_orchestration
|
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown ve…
|
CWE-352
Origin Validation Error
|
CVE-2015-5451
|
2024-11-21 11:33 |
2015-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269119
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5787
|
2024-11-21 11:33 |
2015-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269120
|
- |
|
sudo_project
|
sudo
|
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5602
|
2024-11-21 11:33 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
