|
274981
|
- |
|
oracle
|
fusion_middleware
|
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unkno…
|
NVD-CWE-noinfo
|
CVE-2015-1829
|
2024-11-21 11:26 |
2015-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274982
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1814
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274983
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerabili…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1813
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274984
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerabili…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1812
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274985
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1810
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274986
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool installation) via crafted update center data.
|
CWE-20
Improper Input Validation
|
CVE-2015-1808
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274987
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building …
|
CWE-22
Path Traversal
|
CVE-2015-1807
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274988
|
- |
|
jenkins
redhat
|
jenkins
openshift
|
The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code o…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1806
|
2024-11-21 11:26 |
2015-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274989
|
- |
|
ibm
|
websphere_extreme_scale
|
Cross-site scripting (XSS) vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 allows remote authenticated users to inject arbitrary web script or HTML via a cr…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2031
|
2024-11-21 11:26 |
2015-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274990
|
- |
|
ibm
|
websphere_extreme_scale
|
IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3 and 7.1.1 before 7.1.1.1 has an improper account-lockout setting, which makes it easier for remote attackers to obtain access via a brute-force attack.
|
NVD-CWE-Other
|
CVE-2015-2030
|
2024-11-21 11:26 |
2015-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
