|
276591
|
- |
|
canonical
google
debian
|
ubuntu_linux
chrome
debian_linux
|
The ContainerNode::parserRemoveChild function in core/dom/ContainerNode.cpp in the HTML parser in Blink, as used in Google Chrome before 42.0.2311.90, allows remote attackers to bypass the Same Origi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1235
|
2024-11-21 11:24 |
2015-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276592
|
8.8 |
HIGH
Network
|
searchblox
|
searchblox
|
Cross-site request forgery (CSRF) vulnerability in SearchBlox before 8.2 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-0970
|
2024-11-21 11:24 |
2015-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276593
|
- |
|
searchblox
|
searchblox
|
SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true action to the _cluster/health URI.
|
CWE-200
Information Exposure
|
CVE-2015-0969
|
2024-11-21 11:24 |
2015-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276594
|
- |
|
searchblox
|
searchblox
|
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 8.2 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and the im…
|
NVD-CWE-Other
|
CVE-2015-0968
|
2024-11-21 11:24 |
2015-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276595
|
- |
|
searchblox
|
searchblox
|
Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers to inject arbitrary web script or HTML via (1) the search field in plugin/index.html or (2) the tit…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0967
|
2024-11-21 11:24 |
2015-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276596
|
- |
|
blue_coat
|
malware_analysis_appliance
|
search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to bypass intended access restrictions, and list or read arbitrary documents…
|
CWE-200
Information Exposure
|
CVE-2015-0938
|
2024-11-21 11:24 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276597
|
- |
|
blue_coat
|
malware_analysis_appliance
|
Cross-site scripting (XSS) vulnerability in search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0937
|
2024-11-21 11:24 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276598
|
- |
|
apple
|
xcode
|
Integer overflow in the simulator in Swift in Apple Xcode before 6.3 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact by triggering an incorre…
|
CWE-189
Numeric Errors
|
CVE-2015-1149
|
2024-11-21 11:24 |
2015-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276599
|
- |
|
apple
|
mac_os_x
|
Screen Sharing in Apple OS X before 10.10.3 stores the password of a user in a log file, which might allow context-dependent attackers to obtain sensitive information by reading this file.
|
CWE-200
Information Exposure
|
CVE-2015-1148
|
2024-11-21 11:24 |
2015-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276600
|
- |
|
apple
|
mac_os_x
|
Open Directory Client in Apple OS X before 10.10.3 sends unencrypted password-change requests in certain circumstances involving missing certificates, which allows remote attackers to obtain sensitiv…
|
CWE-200
Information Exposure
|
CVE-2015-1147
|
2024-11-21 11:24 |
2015-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
