|
274071
|
- |
|
networkmanager_project
|
networkmanager
|
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit sett…
|
CWE-20
Improper Input Validation
|
CVE-2015-2924
|
2024-11-21 11:28 |
2015-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274072
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container protect…
|
NVD-CWE-Other
|
CVE-2015-2925
|
2024-11-21 11:28 |
2015-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274073
|
- |
|
libreswan
|
libreswan
|
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service (assertion failure and daemon restart) via a zero D…
|
CWE-189
Numeric Errors
|
CVE-2015-3240
|
2024-11-21 11:28 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274074
|
- |
|
hp
|
arcsight_smartconnectors
|
The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of thi…
|
NVD-CWE-Other
|
CVE-2015-2903
|
2024-11-21 11:28 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274075
|
- |
|
hp
|
arcsight_smartconnectors
|
HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted…
|
CWE-310
Cryptographic Issues
|
CVE-2015-2902
|
2024-11-21 11:28 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274076
|
- |
|
apache
|
ambari
|
Cross-site scripting (XSS) vulnerability in Apache Ambari before 2.1.0 allows remote authenticated cluster operator users to inject arbitrary web script or HTML via the note field in a configuration …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3186
|
2024-11-21 11:28 |
2015-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274077
|
- |
|
fedoraproject
|
389_directory_server
|
389 Directory Server (formerly Fedora Directory Server) before 1.3.3.12 does not enforce the nsSSL3Ciphers preference when creating an sslSocket, which allows remote attackers to have unspecified imp…
|
CWE-254
7PK - Security Features
|
CVE-2015-3230
|
2024-11-21 11:28 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274078
|
- |
|
medicomp
|
medcin_engine
|
Multiple stack-based buffer overflows in Medicomp MEDCIN Engine 2.22.20142.166 might allow remote attackers to execute arbitrary code via a crafted packet on port 8190, related to (1) the GetProperty…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2901
|
2024-11-21 11:28 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274079
|
- |
|
medicomp
|
medcin_engine
|
The AddUserFinding add_userfinding2 function in Medicomp MEDCIN Engine before 2.22.20153.226 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified ot…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2900
|
2024-11-21 11:28 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274080
|
- |
|
medicomp
|
medcin_engine
|
Heap-based buffer overflow in the QualifierList retrieve_qualifier_list function in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to execute arbitrary code via a long list…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2899
|
2024-11-21 11:28 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
