|
267561
|
- |
|
canonical
xscreensaver_project
|
ubuntu_linux
xscreensaver
|
driver/subprocs.c in XScreenSaver before 5.34 does not properly perform an internal consistency check, which allows physically proximate attackers to bypass the lock screen by hot swapping monitors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8025
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267562
|
- |
|
sap
|
hana
|
The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428.
|
CWE-20
Improper Input Validation
|
CVE-2015-7994
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267563
|
- |
|
sap
|
hana
|
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "HTTP Logi…
|
CWE-20
Improper Input Validation
|
CVE-2015-7993
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267564
|
- |
|
sap
|
hana
|
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTE_SEARCH_RUL…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7992
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267565
|
- |
|
sap
|
hana
|
The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vector…
|
CWE-200
Information Exposure
|
CVE-2015-7991
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267566
|
- |
|
sap
|
hana
|
SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopyd…
|
CWE-20
Improper Input Validation
|
CVE-2015-7828
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267567
|
- |
|
echo_project
|
echo
|
The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demon…
|
CWE-200
Information Exposure
|
CVE-2015-8007
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267568
|
- |
|
pagetriage_project
|
pagetriage
|
Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension for MediWiki allows remote attackers to inject arbitrary web script or HTML via the page title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-8006
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267569
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading…
|
CWE-200
Information Exposure
|
CVE-2015-8005
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267570
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8004
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
