|
270161
|
7.8 |
HIGH
Local
|
gemalto
|
safenet_authentication_service_tokenvalidator_proxy_agent
|
SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7598
|
2024-11-21 11:37 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270162
|
7.8 |
HIGH
Local
|
gemalto
|
safenet_authentication_service_iis_agent
|
SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7597
|
2024-11-21 11:37 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270163
|
7.8 |
HIGH
Local
|
gemalto
|
safenet_authentication_service_end_user_software_tools_for_windows
|
SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7596
|
2024-11-21 11:37 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270164
|
7.5 |
HIGH
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API …
|
CWE-284
Improper Access Control
|
CVE-2015-8008
|
2024-11-21 11:37 |
2017-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270165
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service a…
|
CWE-275
Permission Issues
|
CVE-2015-7889
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270166
|
9.8 |
CRITICAL
Network
|
easy2map
|
easy2map
|
Multiple directory traversal vulnerabilities in (1) includes/MapImportCSV2.php and (2) includes/MapImportCSV.php in the Easy2Map plugin before 1.3.0 for WordPress allow remote attackers to include an…
|
CWE-22
Path Traversal
|
CVE-2015-7669
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270167
|
6.1 |
MEDIUM
Network
|
easy2map
|
easy2map
|
Cross-site scripting (XSS) vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map_i…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7668
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270168
|
6.1 |
MEDIUM
Network
|
web-mv
|
resads
|
Multiple cross-site scripting (XSS) vulnerabilities in (1) templates/admanagement/admanagement.php and (2) templates/adspot/adspot.php in the ResAds plugin before 1.0.2 for WordPress allow remote att…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7667
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270169
|
6.1 |
MEDIUM
Network
|
codepeople
|
payment_form_for_paypal_pro
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) cp_updateMessageItem and (2) cp_deleteMessageItem functions in cp_ppp_admin_int_message_list.inc.php in the Payment Form for PayPal Pro …
|
CWE-79
Cross-site Scripting
|
CVE-2015-7666
|
2024-11-21 11:37 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270170
|
5.4 |
MEDIUM
Network
|
taxonomy_find_project
|
taxonomy_find
|
Cross-site scripting (XSS) vulnerability in the Taxonomy Find module 6.x-2.x through 6.x-1.2 and 7.x-2.x through 7.x-1.0 in Drupal allows remote authenticated users with certain permissions to inject…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7878
|
2024-11-21 11:37 |
2017-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
