|
273021
|
- |
|
moodle
|
moodle
|
Multiple cross-site scripting (XSS) vulnerabilities in lib/javascript-static.js in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allow remote authenticated user…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2269
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273022
|
- |
|
moodle
|
moodle
|
filter/urltolink/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to cause a denial of service (CPU consumption or …
|
CWE-399
Resource Management Errors
|
CVE-2015-2268
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273023
|
- |
|
moodle
|
moodle
|
mdeploy.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 allows remote authenticated users to bypass intended access restrictions and extract archives to ar…
|
CWE-284
Improper Access Control
|
CVE-2015-2267
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273024
|
- |
|
moodle
|
moodle
|
message/index.php in Moodle through 2.5.9, 2.6.x before 2.6.9, 2.7.x before 2.7.6, and 2.8.x before 2.8.4 does not consider the moodle/site:readallmessages capability before accessing arbitrary conve…
|
CWE-200
Information Exposure
|
CVE-2015-2266
|
2024-11-21 11:27 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273025
|
- |
|
linux
fedoraproject
|
linux_kernel
fedora
|
Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain privi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2666
|
2024-11-21 11:27 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273026
|
- |
|
mit
|
kerberos_5
|
The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an int…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2694
|
2024-11-21 11:27 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273027
|
- |
|
realmd_project
|
realmd
|
realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response.
|
CWE-74
Injection
|
CVE-2015-2704
|
2024-11-21 11:27 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273028
|
- |
|
gns3
|
gns3
|
Untrusted search path vulnerability in GNS3 1.2.3 allows local users to gain privileges via a Trojan horse uuid.dll in an unspecified directory.
|
NVD-CWE-Other
|
CVE-2015-2667
|
2024-11-21 11:27 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273029
|
- |
|
huawei
|
seq_analyst
|
XML external entity (XXE) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote authenticated users to read arbitrary files via the req parameter.
|
NVD-CWE-Other
|
CVE-2015-2346
|
2024-11-21 11:27 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273030
|
- |
|
concrete5
|
concrete5
|
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) banned_word[] parameter to index.php/dashboard/…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2250
|
2024-11-21 11:27 |
2015-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
