|
273901
|
- |
|
clamav
fedoraproject
|
clamav
fedora
|
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
|
CWE-17
Code
|
CVE-2015-1463
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273902
|
- |
|
fedoraproject
clamav
|
fedora
clamav
|
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1462
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273903
|
- |
|
fedoraproject
clamav
|
fedora
clamav
|
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1461
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273904
|
- |
|
huawei
|
quidway_firmware
|
Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1460
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273905
|
- |
|
fortinet
|
fortiauthenticator
|
Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1459
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273906
|
- |
|
fortinet
|
fortiauthenticator
|
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1458
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273907
|
- |
|
fortinet
|
fortiauthenticator
|
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
|
CWE-200
Information Exposure
|
CVE-2015-1457
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273908
|
- |
|
fortinet
|
fortiauthenticator
|
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
|
CWE-200
Information Exposure
|
CVE-2015-1456
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273909
|
- |
|
fortinet
|
fortiauthenticator
|
Fortinet FortiAuthenticator 3.0.0 has a password of (1) slony for the slony PostgreSQL user and (2) www-data for the www-data PostgreSQL user, which makes it easier for remote attackers to obtain acc…
|
CWE-255
Credentials Management
|
CVE-2015-1455
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273910
|
- |
|
piwigo
|
piwigo
|
SQL injection vulnerability in Piwigo before 2.5.6, 2.6.x before 2.6.5, and 2.7.x before 2.7.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-1441
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
