|
268051
|
10.0 |
CRITICAL
Network
|
qemu
|
qemu
|
Local privilege escalation vulnerability in the Gentoo QEMU package before 2.5.0-r1.
|
CWE-362
Race Condition
|
CVE-2015-8556
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268052
|
5.4 |
MEDIUM
Network
|
alcatel-lucent
|
motive_home_device_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Alcatel-Lucent Motive Home Device Manager (HDM) before 4.2 allow remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8687
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268053
|
5.3 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
The (1) Special:MyPage, (2) Special:MyTalk, (3) Special:MyContributions, (4) Special:MyUploads, and (5) Special:AllMyUploads pages in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.2…
|
CWE-200
Information Exposure
|
CVE-2015-8628
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268054
|
5.3 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly normalize IP addresses containing zero-padded octets, which might allow remote attackers…
|
CWE-284
Improper Access Control
|
CVE-2015-8627
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268055
|
9.8 |
CRITICAL
Network
|
mediawiki
|
mediawiki
|
The User::randomPassword function in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 generates passwords smaller than $wgMinimalPasswordLength, which ma…
|
CWE-255
Credentials Management
|
CVE-2015-8626
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268056
|
7.5 |
HIGH
Network
|
mediawiki
|
mediawiki
|
MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 do not properly sanitize parameters when calling the cURL library, which allows remote attackers to read…
|
CWE-200
Information Exposure
|
CVE-2015-8625
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268057
|
8.8 |
HIGH
Network
|
mediawiki
|
mediawiki
|
The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1 does not perform token comparison in constant …
|
CWE-352
Origin Validation Error
|
CVE-2015-8624
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268058
|
8.8 |
HIGH
Network
|
mediawiki
|
mediawiki
|
The User::matchEditToken function in includes/User.php in MediaWiki before 1.23.12 and 1.24.x before 1.24.5 does not perform token comparison in constant time before returning, which allows remote at…
|
CWE-352
Origin Validation Error
|
CVE-2015-8623
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268059
|
6.1 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1, when is configured with a relative URL, allows remote authe…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8622
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268060
|
7.5 |
HIGH
Network
|
netapp
|
snapdrive
|
NetApp SnapDrive for Windows before 7.0.2P4, 7.0.3, and 7.1 before 7.1.3P1 allows remote attackers to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-8544
|
2024-11-21 11:38 |
2017-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
