|
271661
|
- |
|
cisco
|
virtualization_experience_client_6000_series_firmware
|
The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS co…
|
CWE-78
OS Command
|
CVE-2015-4186
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271662
|
- |
|
cisco
|
unified_computing_system
|
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795.
|
CWE-78
OS Command
|
CVE-2015-4183
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271663
|
- |
|
chaos_tool_suite_project
|
ctools
|
Open redirect vulnerability in the Chaos tool suite (ctools) module before 6.x-1.12 and 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct …
|
NVD-CWE-Other
|
CVE-2015-4398
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271664
|
- |
|
webform_project
|
webform
|
Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissio…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4374
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271665
|
- |
|
xen
|
xen
|
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via …
|
CWE-399
Resource Management Errors
|
CVE-2015-4164
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271666
|
- |
|
xen
|
xen
|
GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hyperca…
|
NVD-CWE-Other
|
CVE-2015-4163
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271667
|
- |
|
elastic
|
logstash
|
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references …
|
CWE-22
Path Traversal
|
CVE-2015-4152
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271668
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
hostapd
opensuse
|
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remo…
|
NVD-CWE-noinfo
|
CVE-2015-4146
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271669
|
- |
|
w1.fi
opensuse
|
hostapd
opensuse
wpa_supplicant
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of se…
|
CWE-399
Resource Management Errors
|
CVE-2015-4145
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271670
|
- |
|
opensuse
w1.fi
|
opensuse
hostapd
wpa_supplicant
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attacke…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4144
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
