| ID |  | Vendor | Product | Description | CWE | CVE | Updated | Published |
|---|---|---|---|---|---|---|---|---|
| 270801 | - | kallithea-scm | kallithea | CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the came_from parameter to _admin/login. | NVD-CWE-Other | CVE-2015-5285 | 2024-11-21 11:32 | 2015-10-30 |
| 270802 | - | fedoraproject | sssd | Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in System Security Services Daemon (SSSD) 1.10 before 1.13.1 allows remote authenticated users to cause … | CWE-399 Resource Management Errors | CVE-2015-5292 | 2024-11-21 11:32 | 2015-10-30 |
| 270803 | - | ibm | domino | Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash)… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2015-5040 | 2024-11-21 11:32 | 2015-10-29 |
| 270804 | - | ibm | websphere_portal | IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request. | CWE-264 Permissions, Privileges, and Access Controls | CVE-2015-4997 | 2024-11-21 11:32 | 2015-10-29 |
| 270805 | - | ibm | domino | Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3 allows remote attackers to execute arbitrary code or cause a denial of service (SMTP daemon crash)… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2015-4994 | 2024-11-21 11:32 | 2015-10-29 |
| 270806 | - | fedoraproject, canonical, apache | fedora, ubuntu_linux, httpclient | http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignores the http.socket.timeout configuration setting during an SSL handshake, which allows remote attac… | CWE-399 Resource Management Errors | CVE-2015-5262 | 2024-11-21 11:32 | 2015-10-28 |
| 270807 | - | openstack | neutron | Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing… | CWE-362 Race Condition | CVE-2015-5240 | 2024-11-21 11:32 | 2015-10-28 |
| 270808 | - | redhat | jboss_enterprise_application_platform, jboss_wildfly_application_server | The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly JBoss Application Server) allows remote attackers to cause a denial of service (memory consumption)… | CWE-119 Incorrect Access of Indexable Resource ('Range Error') | CVE-2015-5220 | 2024-11-21 11:32 | 2015-10-28 |
| 270809 | - | redhat | jboss_enterprise_application_platform, jboss_wildfly_application_server | Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.C… | CWE-352 Origin Validation Error | CVE-2015-5188 | 2024-11-21 11:32 | 2015-10-28 |
| 270810 | - | redhat | jboss_wildfly_application_server, jboss_enterprise_application_platform | The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) does not send an X-Frame-Options HTTP header, which makes it easier for … | CWE-254 7PK - Security Features | CVE-2015-5178 | 2024-11-21 11:32 | 2015-10-28 |