|
272331
|
5.3 |
MEDIUM
Network
|
apple
oracle
openssl
redhat
canonical
debian
opensuse
suse
fedoraproject
|
mac_os_x
sun_ray_software
transportation_management
life_sciences_data_hub
api_gateway
exalogic_infrastructure
solaris
communications_webrtc_session_controller
vm_virtualbox
The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_…
|
CWE-200
Information Exposure
|
CVE-2015-3195
|
2024-11-21 11:28 |
2015-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
272332
|
7.5 |
HIGH
Network
|
openssl
nodejs
canonical
|
openssl
node.js
ubuntu_linux
|
The Montgomery squaring implementation in crypto/bn/asm/x86_64-mont5.pl in OpenSSL 1.0.2 before 1.0.2e on the x86_64 platform, as used by the BN_mod_exp function, mishandles carry propagation and pro…
|
CWE-200
Information Exposure
|
CVE-2015-3193
|
2024-11-21 11:28 |
2015-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272333
|
- |
|
networkmanager_project
|
networkmanager
|
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit sett…
|
CWE-20
Improper Input Validation
|
CVE-2015-2924
|
2024-11-21 11:28 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272334
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protect…
|
NVD-CWE-Other
|
CVE-2015-2925
|
2024-11-21 11:28 |
2015-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272335
|
- |
|
libreswan
|
libreswan
|
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero D…
|
CWE-189
Numeric Errors
|
CVE-2015-3240
|
2024-11-21 11:28 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272336
|
- |
|
hp
|
arcsight_smartconnectors
|
The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of thi…
|
NVD-CWE-Other
|
CVE-2015-2903
|
2024-11-21 11:28 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272337
|
- |
|
hp
|
arcsight_smartconnectors
|
HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted…
|
CWE-310
Cryptographic Issues
|
CVE-2015-2902
|
2024-11-21 11:28 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272338
|
- |
|
apache
|
ambari
|
Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3186
|
2024-11-21 11:28 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272339
|
- |
|
fedoraproject
|
389_directory_server
|
389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified imp…
|
CWE-254
7PK - Security Features
|
CVE-2015-3230
|
2024-11-21 11:28 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272340
|
- |
|
medicomp
|
medcin_engine
|
Multiple stack-based buffer overflows in Medicomp MEDCIN Engine 2.22.20142.166 might allow remote attackers to execute arbitrary code via a crafted packet on port 8190, related to (1) the GetProperty…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2901
|
2024-11-21 11:28 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
