|
274221
|
- |
|
sonicwall
|
uma_em5000_firmware
global_management_system
analyzer
|
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configu…
|
CWE-19
Data Processing Errors
|
CVE-2015-3990
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274222
|
- |
|
google
|
v8
chrome
|
Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknow…
|
NVD-CWE-noinfo
|
CVE-2015-3910
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274223
|
- |
|
openstack
oracle
|
horizon
solaris
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3988
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274224
|
- |
|
dcraw_project
fedoraproject
|
dcraw
fedora
|
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to t…
|
CWE-189
Numeric Errors
|
CVE-2015-3885
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274225
|
- |
|
concrete5
|
concrete5
|
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to private messages or other unspecifie…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3989
|
2024-11-21 11:30 |
2015-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274226
|
- |
|
mcafee
|
epo_deep_command
|
Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via un…
|
CWE-426
Untrusted Search Path
|
CVE-2015-3987
|
2024-11-21 11:30 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274227
|
- |
|
thecartpress
|
thecartpress_ecommerce_shopping_cart
|
Cross-site request forgery (CSRF) vulnerability in the TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attacke…
|
CWE-352
Origin Validation Error
|
CVE-2015-3986
|
2024-11-21 11:30 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274228
|
- |
|
fedora
|
pacemaker_configuration_system
|
The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via …
|
CWE-310
Cryptographic Issues
|
CVE-2015-3983
|
2024-11-21 11:30 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274229
|
- |
|
sap
|
netweaver_rfc_sdk
|
SAP NetWeaver RFC SDK allows attackers to obtain sensitive information via unspecified vectors, aka SAP Security Note 2084037.
|
CWE-200
Information Exposure
|
CVE-2015-3981
|
2024-11-21 11:30 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274230
|
- |
|
sap
|
customer_relationship_management
|
SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534.
|
CWE-89
SQL Injection
|
CVE-2015-3980
|
2024-11-21 11:30 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
