|
270791
|
- |
|
ibm
|
security_access_manager_for_web
|
IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows remote attackers to read or write to arbitrary files via un…
|
CWE-17
Code
|
CVE-2015-4963
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270792
|
- |
|
apache
|
ambari
|
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext BigSheets password in a configuration file, which allows local users to obtain sensitive information…
|
CWE-200
Information Exposure
|
CVE-2015-4940
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270793
|
- |
|
apache
|
ambari
|
Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext passwords on a Configs screen, which allows physically proximate attackers to obtain sensitive infor…
|
CWE-200
Information Exposure
|
CVE-2015-4928
|
2024-11-21 11:32 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270794
|
- |
|
redhat
fedoraproject
qemu
|
openstack
fedora
qemu
|
Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5225
|
2024-11-21 11:32 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270795
|
- |
|
redhat
|
openshift
|
Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted object type name, which is not properly handle…
|
CWE-22
Path Traversal
|
CVE-2015-5305
|
2024-11-21 11:32 |
2015-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270796
|
- |
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenticated DataStage users to bypass intended job-execution restrictions or obtain sensitive information via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5021
|
2024-11-21 11:32 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270797
|
- |
|
ibm
|
tivoli_storage_manager
|
The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before 6.3.6 and 7.1 before 7.1.3 on Linux and AIX uses world-writable permissions for unspecified files,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4927
|
2024-11-21 11:32 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270798
|
- |
|
wp-championship_project
|
wp-championship
|
Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp-championship plugin 5.8 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) user, (2) isadmin, (3…
|
CWE-89
SQL Injection
|
CVE-2015-5308
|
2024-11-21 11:32 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270799
|
- |
|
arm
polarssl
debian
fedoraproject
opensuse
|
mbed_tls
polarssl
debian_linux
fedora
leap
opensuse
|
Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5291
|
2024-11-21 11:32 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270800
|
- |
|
apache
|
ambari
|
Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the targetURI parameter.
|
NVD-CWE-Other
|
CVE-2015-5210
|
2024-11-21 11:32 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
