|
271251
|
- |
|
theforeman
|
foreman
|
Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wi…
|
CWE-284
Improper Access Control
|
CVE-2015-3155
|
2024-11-21 11:28 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271252
|
- |
|
clutter_project
|
clutter
|
The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.
|
CWE-284
Improper Access Control
|
CVE-2015-3213
|
2024-11-21 11:28 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271253
|
- |
|
apache
apple
|
subversion
xcode
|
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive pa…
|
CWE-200
Information Exposure
|
CVE-2015-3187
|
2024-11-21 11:28 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271254
|
- |
|
apple
apache
|
xcode
subversion
|
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read…
|
CWE-200
Information Exposure
|
CVE-2015-3184
|
2024-11-21 11:28 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271255
|
- |
|
redhat
|
libuser
|
libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (incon…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3246
|
2024-11-21 11:28 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271256
|
- |
|
redhat
|
libuser
|
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, allows local users to cause a de…
|
CWE-20
Improper Input Validation
|
CVE-2015-3245
|
2024-11-21 11:28 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271257
|
- |
|
artifex
|
afpl_ghostscript
|
Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file…
|
CWE-189
Numeric Errors
|
CVE-2015-3228
|
2024-11-21 11:28 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271258
|
- |
|
yodobashi
|
yodobashi
|
The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute arbitrary Java methods, and consequently obtain sensitive information or execute OS commands, via a crafte…
|
CWE-200
CWE-78
Information Exposure
OS Command
|
CVE-2015-2980
|
2024-11-21 11:28 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271259
|
- |
|
sierrawireless
|
aleos
|
Sierra Wireless ALEOS before 4.4.2 on AirLink ES, GX, and LS devices has hardcoded root accounts, which makes it easier for remote attackers to obtain administrative access via a (1) SSH or (2) TELNE…
|
CWE-200
Information Exposure
|
CVE-2015-2897
|
2024-11-21 11:28 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271260
|
6.0 |
MEDIUM
Local
|
dell
|
bios
|
The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a B…
|
NVD-CWE-noinfo
|
CVE-2015-2890
|
2024-11-21 11:28 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
