|
270521
|
- |
|
bittorrent
|
bootstrap-dht
|
The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht ) allows remote attackers to execute arbitrary code via a crafted packet, related to "improper indexing."
|
CWE-20
Improper Input Validation
|
CVE-2015-5685
|
2024-11-21 11:33 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270522
|
- |
|
belkin
|
n300_dual-band_wi-fi_range_extender_firmware
|
Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated users to execute arbitrary commands via the (1) sub_dir parameter in a formUSBStorage request; pinC…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5536
|
2024-11-21 11:33 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270523
|
- |
|
qtranslate_project
|
qtranslate
|
Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the qtransl…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5535
|
2024-11-21 11:33 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270524
|
- |
|
bittorrent
utorrent
|
bittorrent
utorrent
|
BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitrary commands via a crafted URL using the (1) bittorrent or (2) magnet protocol.
|
CWE-77
Command Injection
|
CVE-2015-5474
|
2024-11-21 11:33 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270525
|
- |
|
websense
|
content_gateway
|
Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content Gateway before 8.0.0 HF02 allows remote administrators to cause a denial of service (crash) via a c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5718
|
2024-11-21 11:33 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270526
|
- |
|
canonical
debian
apple
htacg
|
ubuntu_linux
debian_linux
mac_os_x
watchos
iphone_os
tidy
|
The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving multiple whitespace characters before an empty href, which …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5523
|
2024-11-21 11:33 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270527
|
- |
|
htacg
canonical
debian
apple
|
tidy
ubuntu_linux
debian_linux
mac_os_x
watchos
iphone_os
|
Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an hre…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5522
|
2024-11-21 11:33 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270528
|
- |
|
wordpress
debian
|
wordpress
debian_linux
|
WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authenticated users to bypass intended access restrictions and create drafts by leveraging the Subscribe…
|
CWE-284
Improper Access Control
|
CVE-2015-5623
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270529
|
- |
|
wordpress
debian
|
wordpress
debian_linux
|
Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a cra…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5622
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270530
|
- |
|
openbsd
|
openssh
|
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it ea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5600
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
