|
272551
|
- |
|
centreon
|
centreon
|
The escape_command function in include/Administration/corePerformance/getStats.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon 19.10.0) uses an incorrect regular exp…
|
CWE-77
Command Injection
|
CVE-2015-1561
|
2024-11-21 11:25 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272552
|
- |
|
centreon
|
centreon
|
SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon web 2.7.0) allows remote attack…
|
CWE-89
SQL Injection
|
CVE-2015-1560
|
2024-11-21 11:25 |
2015-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272553
|
- |
|
canonical
debian
|
ubuntu_linux
unattended-upgrades
|
unattended-upgrades before 0.86.1 does not properly authenticate packages when the (1) force-confold or (2) force-confnew dpkg options are enabled in the DPkg::Options::* apt configuration, which all…
|
CWE-287
Improper Authentication
|
CVE-2015-1330
|
2024-11-21 11:25 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272554
|
- |
|
symantec
|
data_loss_prevention
|
Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authenti…
|
CWE-352
Origin Validation Error
|
CVE-2015-1485
|
2024-11-21 11:25 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272555
|
- |
|
google
|
chrome
|
The DecodeHSTSPreloadRaw function in net/http/transport_security_state.cc in Google Chrome before 43.0.2357.130 does not properly canonicalize DNS hostnames before making comparisons to HSTS or HPKP …
|
CWE-254
7PK - Security Features
|
CVE-2015-1269
|
2024-11-21 11:25 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272556
|
- |
|
google
|
chrome
|
bindings/scripts/v8_types.py in Blink, as used in Google Chrome before 43.0.2357.130, does not properly select a creation context for a return value's DOM wrapper, which allows remote attackers to by…
|
CWE-254
7PK - Security Features
|
CVE-2015-1268
|
2024-11-21 11:25 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272557
|
- |
|
google
|
chrome
|
Blink, as used in Google Chrome before 43.0.2357.130, does not properly restrict the creation context during creation of a DOM wrapper, which allows remote attackers to bypass the Same Origin Policy …
|
CWE-254
7PK - Security Features
|
CVE-2015-1267
|
2024-11-21 11:25 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272558
|
- |
|
google
|
chrome
|
content/browser/webui/content_web_ui_controller_factory.cc in Google Chrome before 43.0.2357.130 does not properly consider the scheme in determining whether a URL is associated with a WebUI SiteInst…
|
CWE-254
7PK - Security Features
|
CVE-2015-1266
|
2024-11-21 11:25 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272559
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_server_2003
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
|
The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,…
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-1721
|
2024-11-21 11:25 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272560
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_server_2003
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
|
Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, …
|
CWE-416
Use After Free
|
CVE-2015-1720
|
2024-11-21 11:25 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
