|
269491
|
5.3 |
MEDIUM
Network
|
fedoraproject
debian
ntp
|
fedora
debian_linux
ntp
|
ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote config…
|
CWE-20
Improper Input Validation
|
CVE-2015-5146
|
2024-11-21 11:32 |
2017-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269492
|
9.8 |
CRITICAL
Network
|
kernel
|
util-linux
|
The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to cause file name collision and possibly other attacks.
|
NVD-CWE-noinfo
|
CVE-2015-5224
|
2024-11-21 11:32 |
2017-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269493
|
8.8 |
HIGH
Network
|
fedoraproject
vmware
|
fedora
spring_social
|
Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3.
|
CWE-352
Origin Validation Error
|
CVE-2015-5258
|
2024-11-21 11:32 |
2017-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269494
|
8.8 |
HIGH
Network
|
pulp_project
|
pulp
|
Pulp does not remove permissions for named objects upon deletion, which allows authenticated users to gain the privileges of a deleted object via creating an object with the same name.
|
CWE-275
Permission Issues
|
CVE-2015-5153
|
2024-11-21 11:32 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269495
|
8.8 |
HIGH
Network
|
django-cms
|
django_cms
|
Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified …
|
CWE-352
Origin Validation Error
|
CVE-2015-5081
|
2024-11-21 11:32 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269496
|
6.1 |
MEDIUM
Network
|
broken_link_checker_project
|
broken_link_checker
|
Cross-site scripting (XSS) vulnerability exists in the Wordpress admin panel when the Broken Link Checker plugin before 1.10.9 is installed.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5057
|
2024-11-21 11:32 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269497
|
9.8 |
CRITICAL
Network
|
mod_nss_project
|
mod_nss
|
The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers to bypass application restrictions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5244
|
2024-11-21 11:32 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269498
|
5.5 |
MEDIUM
Local
|
fedoraproject
opensuse_project
opensuse
jasper_project
|
fedora
leap
opensuse
jasper
|
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
|
CWE-415
Double Free
|
CVE-2015-5203
|
2024-11-21 11:32 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269499
|
5.3 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access files ($g_view_proj_doc_threshold) is set to ANYBODY, allows remote authenticated users to download at…
|
CWE-200
Information Exposure
|
CVE-2015-5059
|
2024-11-21 11:32 |
2017-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269500
|
6.7 |
MEDIUM
Local
|
vmware
|
tools
|
VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privil…
|
CWE-362
Race Condition
|
CVE-2015-5191
|
2024-11-21 11:32 |
2017-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
