|
270411
|
- |
|
isc
apple
|
bind
mac_os_x_server
|
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a …
|
CWE-20
Improper Input Validation
|
CVE-2015-5722
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270412
|
- |
|
geddyjs
|
geddy
|
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the de…
|
CWE-22
Path Traversal
|
CVE-2015-5688
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270413
|
- |
|
octobercms
|
october
|
Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5612
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270414
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5737
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270415
|
- |
|
fortinet
|
forticlient
|
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5736
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270416
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x22…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5735
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270417
|
- |
|
siemens
|
compas
|
The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2015-5717
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270418
|
- |
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other …
|
CWE-416
Use After Free
|
CVE-2015-5706
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270419
|
- |
|
linux
|
linux_kernel
|
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from ker…
|
CWE-200
Information Exposure
|
CVE-2015-5697
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270420
|
- |
|
siemens
|
simatic_s7_1200_cpu_firmware
simatic_s7_1200_cpu
|
Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified…
|
CWE-352
Origin Validation Error
|
CVE-2015-5698
|
2024-11-21 11:33 |
2015-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
