|
272821
|
- |
|
octobercms
|
october
|
Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5612
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272822
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5737
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272823
|
- |
|
fortinet
|
forticlient
|
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5736
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272824
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x22…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5735
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272825
|
- |
|
siemens
|
compas
|
The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensiti…
|
CWE-310
Cryptographic Issues
|
CVE-2015-5717
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272826
|
- |
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other …
|
CWE-416
Use After Free
|
CVE-2015-5706
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272827
|
- |
|
linux
|
linux_kernel
|
The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from ker…
|
CWE-200
Information Exposure
|
CVE-2015-5697
|
2024-11-21 11:33 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272828
|
- |
|
siemens
|
simatic_s7_1200_cpu_firmware
simatic_s7_1200_cpu
|
Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU devices with firmware before 4.1.3 allows remote attackers to hijack the authentication of unspecified…
|
CWE-352
Origin Validation Error
|
CVE-2015-5698
|
2024-11-21 11:33 |
2015-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272829
|
- |
|
hp
|
virtual_connect_enterprise_manager_sdk
|
HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive inform…
|
NVD-CWE-noinfo
|
CVE-2015-5433
|
2024-11-21 11:33 |
2015-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272830
|
- |
|
apple
|
quicktime
|
Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability tha…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5786
|
2024-11-21 11:33 |
2015-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
