|
272171
|
- |
|
apple
debian
canonical
sqlite
php
|
watchos
mac_os_x
debian_linux
ubuntu_linux
sqlite
php
|
The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free ope…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2015-3415
|
2024-11-21 11:29 |
2015-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272172
|
- |
|
sqlite
apple
debian
canonical
php
|
sqlite
watchos
mac_os_x
debian_linux
ubuntu_linux
php
|
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and appli…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2015-3414
|
2024-11-21 11:29 |
2015-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272173
|
- |
|
canonical
debian
point-to-point_protocol_project
|
ubuntu_linux
debian_linux
point-to-point_protocol
|
Buffer overflow in the rc_mksid function in plugins/radius/util.c in Paul's PPP Package (ppp) 2.4.6 and earlier, when the PID for pppd is greater than 65535, allows remote attackers to cause a denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3310
|
2024-11-21 11:29 |
2015-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272174
|
- |
|
certify_project
|
certify
|
The Certify module before 6.x-2.3 for Drupal does not properly perform node access checks, which allows remote authenticated users to bypass intended access restrictions and obtain sensitive PDF cert…
|
CWE-200
Information Exposure
|
CVE-2015-3404
|
2024-11-21 11:29 |
2015-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272175
|
- |
|
fibonacciorange
|
wedeal
|
Open redirect vulnerability in the Commerce WeDeal module before 7.x-1.3 for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified pa…
|
NVD-CWE-Other
|
CVE-2015-3393
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272176
|
- |
|
ajax_timeline_project
|
ajax_timeline
|
Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via a node title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3392
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272177
|
- |
|
path_breadcrumbs_project
|
path_breadcrumbs
|
The Path Breadcrumbs module before 7.x-3.2 for Drupal allows remote attackers to bypass intended access restrictions and obtain sensitive node titles by reading a 403 Not Found page.
|
CWE-200
Information Exposure
|
CVE-2015-3391
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272178
|
- |
|
facebook_album_fetcher_project
|
facebook_album_fetcher
|
Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows remote authenticated users with the "access administration pages" permission to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3390
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272179
|
- |
|
public_download_count_project
|
public_download_count
|
Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public Download Count module (pubdlcnt) 7.x-1.x-dev and earlier for Drupal allows remote authenticated users to inje…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3389
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272180
|
- |
|
balanced
|
commerce_balanced_payments
|
Cross-site request forgery (CSRF) vulnerability in the Commerce Balanced Payments module for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that delete th…
|
CWE-352
Origin Validation Error
|
CVE-2015-3388
|
2024-11-21 11:29 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
