|
276161
|
3.3 |
LOW
Local
|
debian
tardiff_project
|
debian_linux
tardiff
|
Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathname in a /tmp/tardiff-$$ temporary directory.
|
CWE-59
Link Following
|
CVE-2015-0858
|
2024-11-21 11:23 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276162
|
9.8 |
CRITICAL
Network
|
tardiff_project
debian
|
tardiff
debian_linux
|
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters in the name of a (1) tar file or (2) file within a tar file.
|
CWE-77
Command Injection
|
CVE-2015-0857
|
2024-11-21 11:23 |
2016-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276163
|
4.3 |
MEDIUM
Network
|
tryton
debian
|
trytond
debian_linux
|
model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0861
|
2024-11-21 11:23 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276164
|
7.5 |
HIGH
Network
|
cisco
samsung
sun
zyxel
netgear
zzinc
|
unified_computing_system
x14j_firmware
nx-os
opensolaris
gs1900-10hp_firmware
jr6150_firmware
keymouse_firmware
|
Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Computing System (UCS) platforms allows remote attackers to cause a denial of service (TCP stack reload…
|
CWE-399
Resource Management Errors
|
CVE-2015-0718
|
2024-11-21 11:23 |
2016-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276165
|
- |
|
canonical
debian
|
ubuntu_linux
dpkg
|
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrar…
|
CWE-189
Numeric Errors
|
CVE-2015-0860
|
2024-11-21 11:23 |
2015-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276166
|
- |
|
debian
|
debian_linux
|
The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to smokeping_cg…
|
CWE-17
Code
|
CVE-2015-0859
|
2024-11-21 11:23 |
2015-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276167
|
- |
|
fedoraproject
sddm_project
|
fedora
sddm
|
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0856
|
2024-11-21 11:23 |
2015-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276168
|
- |
|
dracut_project
|
dracut
|
modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows local users to have unspecified impact via a symlink attack on /tmp/dracut_block_uuid.map.
|
CWE-59
Link Following
|
CVE-2015-0794
|
2024-11-21 11:23 |
2015-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276169
|
- |
|
freeimage_project
|
freeimage
|
Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers to cause a denial of service (heap memory corruption) via vectors related to the height and width o…
|
CWE-189
Numeric Errors
|
CVE-2015-0852
|
2024-11-21 11:23 |
2015-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276170
|
- |
|
emc
|
rsa_archer_egrc
|
Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 allow remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-0542
|
2024-11-21 11:23 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
