|
275481
|
- |
|
canonical
debian
opensuse
mozilla
|
ubuntu_linux
debian_linux
opensuse
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to cause a denial of service (memory corruption and a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4473
|
2024-11-21 11:31 |
2015-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275482
|
- |
|
xceedium
|
xsuite
|
Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// (quadruple dot double slash) in the lo…
|
CWE-22
Path Traversal
|
CVE-2015-4666
|
2024-11-21 11:31 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275483
|
- |
|
xceedium
|
xsuite
|
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4665
|
2024-11-21 11:31 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275484
|
- |
|
cacti
|
cacti
|
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
|
CWE-89
SQL Injection
|
CVE-2015-4634
|
2024-11-21 11:31 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275485
|
- |
|
mozilla
|
firefox_os
|
Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-4494
|
2024-11-21 11:31 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275486
|
- |
|
timedoctor
|
timedoctor
|
The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2015-4674
|
2024-11-21 11:31 |
2015-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275487
|
- |
|
linux
|
linux_kernel
|
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have…
|
NVD-CWE-Other
|
CVE-2015-4692
|
2024-11-21 11:31 |
2015-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275488
|
- |
|
emc
|
avamar_server_virtual_edition
avamar_server
|
Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/…
|
CWE-200
Information Exposure
|
CVE-2015-4527
|
2024-11-21 11:31 |
2015-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275489
|
- |
|
debian
wireshark
|
debian_linux
wireshark
|
epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service…
|
CWE-20
Improper Input Validation
|
CVE-2015-4652
|
2024-11-21 11:31 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275490
|
- |
|
wireshark
debian
oracle
|
wireshark
debian_linux
solaris
|
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available…
|
CWE-399
Resource Management Errors
|
CVE-2015-4651
|
2024-11-21 11:31 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
