|
269661
|
- |
|
ibm
|
powerha_system_mirror
|
CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5005
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269662
|
- |
|
ibm
|
maximo_asset_management
maximo_for_nuclear_power
maximo_for_utilities
maximo_for_life_sciences
maximo_for_oil_and_gas
maximo_for_transportation
maximo_for_government
smartcloud_c…
|
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 FP009, and 7.6.0 before 7.6.0.2 IFIX001; Maximo Asset Management 7.5.0 before 7.5.0.9 FP009, 7.5.1, and 7.6.0 before 7.6.0.2 IFI…
|
CWE-255
Credentials Management
|
CVE-2015-4966
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269663
|
- |
|
ibm
|
security_access_manager_for_web
|
IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows remote attackers to read or write to arbitrary files via un…
|
CWE-17
Code
|
CVE-2015-4963
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269664
|
- |
|
apache
|
ambari
|
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information…
|
CWE-200
Information Exposure
|
CVE-2015-4940
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269665
|
- |
|
apache
|
ambari
|
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to obtain sensitive infor…
|
CWE-200
Information Exposure
|
CVE-2015-4928
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269666
|
- |
|
redhat
fedoraproject
qemu
|
openstack
fedora
qemu
|
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5225
|
2024-11-21 11:32 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269667
|
- |
|
redhat
|
openshift
|
Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handle…
|
CWE-22
Path Traversal
|
CVE-2015-5305
|
2024-11-21 11:32 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269668
|
- |
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenticated DataStage users to bypass intended job-execution restrictions or obtain sensitive information via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5021
|
2024-11-21 11:32 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269669
|
- |
|
ibm
|
tivoli_storage_manager
|
The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4927
|
2024-11-21 11:32 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269670
|
- |
|
wp-championship_project
|
wp-championship
|
Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp-championship plugin 5.8 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user, (2) isadmin, (3…
|
CWE-89
SQL Injection
|
CVE-2015-5308
|
2024-11-21 11:32 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
