|
274111
|
- |
|
trendmicro
|
deep_discovery_inspector
|
Multiple cross-site scripting (XSS) vulnerabilities in Trend Micro Deep Discovery Inspector (DDI) on Deep Discovery Threat appliances with software before 3.5.1477, 3.6.x before 3.6.1217, 3.7.x befor…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2872
|
2024-11-21 11:28 |
2015-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274112
|
- |
|
php_kobo
|
photo_gallery_cms_free
|
Cross-site request forgery (CSRF) vulnerability in admin.php in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote attackers to hijack the authentica…
|
CWE-352
Origin Validation Error
|
CVE-2015-2983
|
2024-11-21 11:28 |
2015-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274113
|
- |
|
php_kobo
|
photo_gallery_cms_free
|
Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote authenticated users to i…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2982
|
2024-11-21 11:28 |
2015-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274114
|
- |
|
iodata
|
wn-g54\/r2_firmware
|
I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2984
|
2024-11-21 11:28 |
2015-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274115
|
- |
|
debian
openstack
oracle
|
debian_linux
horizon
solaris
|
Cross-site scripting (XSS) vulnerability in the Orchestration/Stack section in OpenStack Dashboard (Horizon) 2014.2 before 2014.2.4 and 2015.1.x before 2015.1.1 allows remote attackers to inject arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3219
|
2024-11-21 11:28 |
2015-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274116
|
- |
|
theforeman
|
foreman
|
Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3235
|
2024-11-21 11:28 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274117
|
- |
|
theforeman
|
foreman
|
Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wi…
|
CWE-284
Improper Access Control
|
CVE-2015-3155
|
2024-11-21 11:28 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274118
|
- |
|
clutter_project
|
clutter
|
The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.
|
CWE-284
Improper Access Control
|
CVE-2015-3213
|
2024-11-21 11:28 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274119
|
- |
|
apache
apple
|
subversion
xcode
|
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive pa…
|
CWE-200
Information Exposure
|
CVE-2015-3187
|
2024-11-21 11:28 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274120
|
- |
|
apple
apache
|
xcode
subversion
|
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read…
|
CWE-200
Information Exposure
|
CVE-2015-3184
|
2024-11-21 11:28 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
