|
276501
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unsp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0821
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276502
|
- |
|
opensuse
mozilla
canonical
|
opensuse
firefox
ubuntu_linux
|
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sa…
|
CWE-284
Improper Access Control
|
CVE-2015-0820
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276503
|
- |
|
mozilla
opensuse
canonical
|
firefox
opensuse
ubuntu_linux
|
The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call originates from a foreground tab, which allows remote attackers to conduct spoofing and clickjacking a…
|
CWE-19
Data Processing Errors
|
CVE-2015-0819
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276504
|
- |
|
samsung
|
ipolis_device_manager
|
Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager 1.12.2 allows remote attackers to execute arbitrary code via a long string in the first argument to…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0555
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276505
|
- |
|
cisco
|
ips_sensor_software
|
Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows remote attackers to cause a denial of service by making many management-interface HTTPS connections …
|
CWE-362
Race Condition
|
CVE-2015-0631
|
2024-11-21 11:23 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276506
|
- |
|
cisco
|
content_security_management_appliance
web_security_appliance
email_security_appliance_firmware
|
The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Appliance (SMA), and Web Security Appliance (WSA) devices allows remote attackers to trigger redirect…
|
CWE-20
Improper Input Validation
|
CVE-2015-0624
|
2024-11-21 11:23 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276507
|
- |
|
cisco
|
ios_xr
carrier_routing_system
|
Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on Carrier Routing System X (CRS-X) devices allows remote attackers to cause a denial of service (lin…
|
CWE-19
Data Processing Errors
|
CVE-2015-0618
|
2024-11-21 11:23 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276508
|
- |
|
squid-cache
|
squid
|
CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted header in a response.
|
NVD-CWE-Other
|
CVE-2015-0881
|
2024-11-21 11:23 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276509
|
- |
|
crear.ne.jp
|
al-mail32
|
Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code via a long filename of an attachment.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0880
|
2024-11-21 11:23 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276510
|
- |
|
almail
|
al-mail32
|
CREAR AL-Mail32 before 1.13d allows remote attackers to cause a denial of service (application crash) via a (1) CON, (2) AUX, or (3) NUL device name in the filename of an attachment.
|
CWE-20
Improper Input Validation
|
CVE-2015-0879
|
2024-11-21 11:23 |
2015-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
