|
268961
|
- |
|
horde
debian
|
horde_application_framework
groupware
debian_linux
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Horde before 5.2.8, Horde Groupware before 5.2.11, and Horde Groupware Webmail Edition before 5.2.11 allow remote attackers to hijack the…
|
CWE-352
Origin Validation Error
|
CVE-2015-7984
|
2024-11-21 11:37 |
2015-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268962
|
- |
|
huawei
|
espace_firmware
|
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cau…
|
CWE-20
Improper Input Validation
|
CVE-2015-7845
|
2024-11-21 11:37 |
2015-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268963
|
- |
|
exemys
|
telemetry_web_server
|
Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this head…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2015-7910
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268964
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a diffe…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8053
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268965
|
- |
|
adobe
|
coldfusion
|
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 18 and 11 before Update 7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a diffe…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8052
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268966
|
- |
|
adobe
|
premiere_clip
|
The Adobe Premiere Clip app before 1.2.1 for iOS mishandles unspecified input, which has unknown impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2015-8051
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268967
|
- |
|
debian
xmlsoft
apple
canonical
|
debian_linux
libxml2
watchos
iphone_os
mac_os_x
tvos
ubuntu_linux
|
The xz_decomp function in xzlib.c in libxml2 2.9.1 does not properly detect compression errors, which allows context-dependent attackers to cause a denial of service (process hang) via crafted XML da…
|
CWE-399
Resource Management Errors
|
CVE-2015-8035
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268968
|
- |
|
canonical
strongswan
|
ubuntu_linux
strongswan
|
The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers t…
|
CWE-264
CWE-20
Permissions, Privileges, and Access Controls
Improper Input Validation
|
CVE-2015-8023
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268969
|
- |
|
hp
debian
apple
canonical
xmlsoft
|
icewall_file_manager
icewall_federation_agent
debian_linux
watchos
iphone_os
mac_os_x
tvos
ubuntu_linux
libxml2
|
The xmlParseConditionalSections function in parser.c in libxml2 does not properly skip intermediary entities when it stops parsing invalid input, which allows context-dependent attackers to cause a d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7942
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268970
|
- |
|
canonical
xmlsoft
|
ubuntu_linux
libxml2
|
libxml2 2.9.2 does not properly stop parsing invalid input, which allows context-dependent attackers to cause a denial of service (out-of-bounds read and libxml2 crash) via crafted XML data to the (1…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7941
|
2024-11-21 11:37 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
