|
273471
|
- |
|
ericsson
|
drutt_mobile_service_delivery_platform
|
Multiple cross-site scripting (XSS) vulnerabilities in the Report Viewer in Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4.x, 5.x, and 6.x allow remote attackers to inject arbitrary web scr…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2165
|
2024-11-21 11:26 |
2015-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273472
|
- |
|
hp
|
intelligent_provisioning
|
Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008 R2 and 2012 allows local users to obtain sensitive information via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2111
|
2024-11-21 11:26 |
2015-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273473
|
- |
|
ibm
|
security_access_manager_for_web_7.0_firmware
security_access_manager_for_web_8.0_firmware
|
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x before 7.0.0 FP12 and 8.x before 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not l…
|
CWE-200
Information Exposure
|
CVE-2015-1892
|
2024-11-21 11:26 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273474
|
- |
|
hp
|
operations_orchestration
|
Unspecified vulnerability in HP Operations Orchestration 10.x allows remote attackers to bypass authentication, and obtain sensitive information or modify data, via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2109
|
2024-11-21 11:26 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273475
|
- |
|
hp
|
operations_orchestration
|
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x allows remote authenticated users to obtain sensitive information via unknown vectors.
|
CWE-200
Information Exposure
|
CVE-2015-2108
|
2024-11-21 11:26 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273476
|
- |
|
hp
|
integrated_lights-out_3_firmware
integrated_lights-out_2_firmware
integrated_lights-out_4_firmware
|
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27, 3 before 1.82, and 4 before 2.10 allows remote attackers to bypass intended access restrictions or cause a denial o…
|
NVD-CWE-noinfo
|
CVE-2015-2106
|
2024-11-21 11:26 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273477
|
- |
|
dokuwiki
|
dokuwiki
|
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the ACL plugins, which allows remote authenticated users to gain privileges and add or delete ACL rules via …
|
CWE-284
Improper Access Control
|
CVE-2015-2172
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273478
|
- |
|
slimframework
|
slim
|
Middleware/SessionCookie.php in Slim before 2.6.0 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via crafted session data.
|
CWE-94
Code Injection
|
CVE-2015-2171
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273479
|
- |
|
freeipa
fedoraproject
|
freeipa
fedora
|
The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of ser…
|
CWE-19
Data Processing Errors
|
CVE-2015-1827
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273480
|
- |
|
selinux
fedoraproject
|
setroubleshoot
fedora
|
The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name.
|
CWE-77
Command Injection
|
CVE-2015-1815
|
2024-11-21 11:26 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
