|
272301
|
6.5 |
MEDIUM
Network
|
qemu
fedoraproject
canonical
suse
arista
|
qemu
fedora
ubuntu_linux
linux_enterprise_server
linux_enterprise_desktop
linux_enterprise_debuginfo
linux_enterprise_software_development_kit
eos
|
Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2015-5239
|
2024-11-21 11:32 |
2020-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272302
|
6.5 |
MEDIUM
Network
|
bmc
|
remedy_ar_system_server
|
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary local files via the __imageid p…
|
CWE-269
Improper Privilege Management
|
CVE-2015-5072
|
2024-11-21 11:32 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272303
|
6.5 |
MEDIUM
Network
|
bmc
|
remedy_ar_system_server
|
AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to "navigate" to arbitrary files via the __report parameter of …
|
CWE-269
Improper Privilege Management
|
CVE-2015-5071
|
2024-11-21 11:32 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272304
|
7.5 |
HIGH
Network
|
powerdns
debian
|
authoritative
debian_linux
|
The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets.
|
CWE-20
Improper Input Validation
|
CVE-2015-5230
|
2024-11-21 11:32 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272305
|
7.5 |
HIGH
Network
|
ratbox
|
ircd-ratbox
|
A Denial of Service vulnerability exists in ircd-ratbox 3.0.9 in the MONITOR Command Handler.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5290
|
2024-11-21 11:32 |
2019-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272306
|
9.8 |
CRITICAL
Network
|
pixman
|
pixman
|
An integer overflow issue has been reported in the general_composite_rect() function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to cr…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-5297
|
2024-11-21 11:32 |
2019-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272307
|
8.8 |
HIGH
Network
|
axiomsl
|
axiom
|
AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack.
|
CWE-384
Session Fixation
|
CVE-2015-5384
|
2024-11-21 11:32 |
2019-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272308
|
7.5 |
HIGH
Network
|
kdcproxy_project
|
kdcproxy
|
python-kdcproxy before 0.3.2 allows remote attackers to cause a denial of service via a large POST request.
|
CWE-20
Improper Input Validation
|
CVE-2015-5159
|
2024-11-21 11:32 |
2018-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272309
|
9.8 |
CRITICAL
Network
|
phpwhois_project
|
phpwhois
|
phpWhois allows remote attackers to execute arbitrary code via a crafted whois record.
|
CWE-94
Code Injection
|
CVE-2015-5243
|
2024-11-21 11:32 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272310
|
5.5 |
MEDIUM
Local
|
libvirt
redhat
|
libvirt
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_aus
enterprise_linux_se…
|
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
|
CWE-200
Information Exposure
|
CVE-2015-5160
|
2024-11-21 11:32 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
