|
273281
|
- |
|
apache
|
activemq
|
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arb…
|
CWE-22
Path Traversal
|
CVE-2015-1830
|
2024-11-21 11:26 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273282
|
- |
|
theforeman
|
foreman
|
Foreman before 1.7.5 allows remote authenticated users to bypass organization and location restrictions by connecting through the REST API.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1844
|
2024-11-21 11:26 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273283
|
- |
|
debian
canonical
redhat
xmlsoft
oracle
apple
opensuse
fedoraproject
|
debian_linux
ubuntu_linux
enterprise_linux
libxml
solaris
watchos
iphone_os
mac_os_x
tvos
linux
opensuse
fedora
|
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack.
|
CWE-399
Resource Management Errors
|
CVE-2015-1819
|
2024-11-21 11:26 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273284
|
- |
|
theforeman
|
foreman
|
Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate.
|
CWE-310
Cryptographic Issues
|
CVE-2015-1816
|
2024-11-21 11:26 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273285
|
- |
|
gnu
opensuse
fedoraproject
|
libidn
opensuse
fedora
|
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2059
|
2024-11-21 11:26 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273286
|
- |
|
jabberd2
|
jabberd2
|
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other u…
|
CWE-200
Information Exposure
|
CVE-2015-2058
|
2024-11-21 11:26 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273287
|
- |
|
redhat
clusterlabs
|
enterprise_linux_high_availability
enterprise_linux_resilient_storage
pacemaker
|
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1867
|
2024-11-21 11:26 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273288
|
- |
|
redhat
|
jboss_bpm_suite
|
XML external entity (XXE) vulnerability in the dashbuilder import facility (DocumentBuilders in org.jboss.dashboard.export.ImportManagerImpl) in Red Hat JBoss BPM Suite before 6.1.2 allows remote att…
|
NVD-CWE-Other
|
CVE-2015-1818
|
2024-11-21 11:26 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273289
|
- |
|
google
linux
|
android
linux_kernel
|
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inat…
|
CWE-17
Code
|
CVE-2015-1805
|
2024-11-21 11:26 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273290
|
- |
|
ibm
|
websphere_mq_light
|
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 an…
|
CWE-399
Resource Management Errors
|
CVE-2015-1987
|
2024-11-21 11:26 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
