|
270621
|
- |
|
usersultra
|
usersultra
|
Multiple SQL injection vulnerabilities in the ratings module in the Users Ultra plugin before 1.5.16 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) data_target or …
|
CWE-89
SQL Injection
|
CVE-2015-4109
|
2024-11-21 11:30 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270622
|
- |
|
kankun
|
smartsocket
|
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote attackers to (1) obtain sensitive information by sniffing the network and (2) …
|
CWE-310
Cryptographic Issues
|
CVE-2015-4080
|
2024-11-21 11:30 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270623
|
- |
|
everybit
|
encrypted_contact_form
|
Cross-site request forgery (CSRF) vulnerability in the Encrypted Contact Form plugin before 1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that …
|
CWE-352
Origin Validation Error
|
CVE-2015-4010
|
2024-11-21 11:30 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270624
|
- |
|
ceph
|
ceph-deploy
|
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
|
CWE-200
Information Exposure
|
CVE-2015-4053
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270625
|
- |
|
beckhoff
|
ipc_diagnostics
|
Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users,…
|
CWE-284
Improper Access Control
|
CVE-2015-4051
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270626
|
- |
|
canonical
t1utils_project
|
ubuntu_linux
t1utils
|
Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3905
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270627
|
- |
|
canonical
linux
|
ubuntu_linux
linux_kernel
|
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or caus…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4004
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270628
|
- |
|
linux
|
linux_kernel
|
The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero er…
|
CWE-189
Numeric Errors
|
CVE-2015-4003
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270629
|
- |
|
linux
canonical
opensuse
|
linux_kernel
ubuntu_linux
opensuse
|
drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4002
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270630
|
- |
|
linux
|
linux_kernel
|
Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of serv…
|
CWE-189
Numeric Errors
|
CVE-2015-4001
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
