|
270001
|
- |
|
joomla
|
joomla\!
|
Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows remote attackers to hijack the authentication of unspecifie…
|
CWE-352
Origin Validation Error
|
CVE-2015-8563
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270002
|
- |
|
joomla
|
joomla\!
|
Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via the HTTP User-Agent header, as exploited in the wild in Dece…
|
CWE-20
Improper Input Validation
|
CVE-2015-8562
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270003
|
- |
|
debian
phpmailer_project
|
debian_linux
phpmailer
|
Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in clas…
|
CWE-20
Improper Input Validation
|
CVE-2015-8476
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270004
|
- |
|
gnu
fedoraproject
|
grub2
fedora
|
Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8370
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270005
|
- |
|
bitrix
|
mpbuilder
|
Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element n…
|
CWE-22
Path Traversal
|
CVE-2015-8358
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270006
|
- |
|
bitrix
|
xscan
|
Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or caus…
|
CWE-22
Path Traversal
|
CVE-2015-8357
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270007
|
- |
|
kaspersky
|
total_security_2015
|
Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass th…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8579
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270008
|
- |
|
avg
|
internet_security
|
AVG Internet Security 2015 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8578
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270009
|
- |
|
mcafee
|
virusscan_enterprise
|
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platform…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8577
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270010
|
- |
|
isc
|
bind
|
Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via…
|
CWE-362
Race Condition
|
CVE-2015-8461
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
