|
273211
|
6.5 |
MEDIUM
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cf-release
|
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior t…
|
CWE-22
Path Traversal
|
CVE-2015-1834
|
2024-11-21 11:26 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273212
|
5.3 |
MEDIUM
Local
|
saltstack
fedoraproject
|
salt
fedora
|
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
|
CWE-19
Data Processing Errors
|
CVE-2015-1839
|
2024-11-21 11:26 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273213
|
5.3 |
MEDIUM
Local
|
saltstack
fedoraproject
|
salt
fedora
|
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp.
|
CWE-19
Data Processing Errors
|
CVE-2015-1838
|
2024-11-21 11:26 |
2017-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273214
|
5.5 |
MEDIUM
Local
|
ibm
|
security_directory_server
tivoli_directory_server
|
IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash.
|
CWE-284
Improper Access Control
|
CVE-2015-1976
|
2024-11-21 11:26 |
2017-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273215
|
8.8 |
HIGH
Network
|
roundcube
|
webmail
|
Multiple buffer overflows in the DBMail driver in the Password plugin in Roundcube before 1.1.0 allow remote attackers to have unspecified impact via the (1) password or (2) username.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2181
|
2024-11-21 11:26 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273216
|
8.8 |
HIGH
Network
|
roundcube
|
webmail
|
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the password.
|
CWE-74
Injection
|
CVE-2015-2180
|
2024-11-21 11:26 |
2017-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273217
|
7.5 |
HIGH
Network
|
fedoraproject
eclipse
|
fedora
jetty
|
The exception handling code in Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header, aka JetLeak.
|
CWE-200
Information Exposure
|
CVE-2015-2080
|
2024-11-21 11:26 |
2016-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273218
|
9.1 |
CRITICAL
Network
|
apache
|
derby
|
XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary fil…
|
CWE-399
CWE-611
Resource Management Errors
XXE
|
CVE-2015-1832
|
2024-11-21 11:26 |
2016-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273219
|
7.5 |
HIGH
Network
|
ibm
|
tivoli_directory_server
security_directory_server
|
Directory traversal vulnerability in the Web Administration tool in IBM Tivoli Directory Server (ITDS) before 6.1.0.74-ISS-ISDS-IF0074, 6.2.x before 6.2.0.50-ISS-ISDS-IF0050, and 6.3.x before 6.3.0.4…
|
CWE-200
Information Exposure
|
CVE-2015-1977
|
2024-11-21 11:26 |
2016-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273220
|
6.2 |
MEDIUM
Local
|
apache
|
hadoop
|
Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is …
|
CWE-200
Information Exposure
|
CVE-2015-1776
|
2024-11-21 11:26 |
2016-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
