|
277281
|
- |
|
kajona
|
kajona
|
Cross-site scripting (XSS) vulnerability in the backend in Kajona before 4.6.3 allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0917
|
2024-11-21 11:23 |
2015-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277282
|
8.8 |
HIGH
Network
|
o-dyn
debian
canonical
|
collabtive
debian_linux
ubuntu_linux
|
Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php in Collabtive before 2.1 allow remote authenticated users to execute arbitrary code by uploading a f…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2015-0258
|
2024-11-21 11:22 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277283
|
8.1 |
HIGH
Network
|
ibm
|
workflow
|
IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission wi…
|
CWE-287
Improper Authentication
|
CVE-2015-0102
|
2024-11-21 11:22 |
2020-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277284
|
7.5 |
HIGH
Network
|
gnu
debian
redhat
|
gnutls
debian_linux
enterprise_linux
|
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate.
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0294
|
2024-11-21 11:22 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277285
|
9.8 |
CRITICAL
Network
|
postgresql
debian
|
postgresql
debian_linux
|
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote at…
|
CWE-89
SQL Injection
|
CVE-2015-0244
|
2024-11-21 11:22 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277286
|
8.8 |
HIGH
Network
|
postgresql
debian
|
postgresql
debian_linux
|
Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cau…
|
CWE-120
Classic Buffer Overflow
|
CVE-2015-0243
|
2024-11-21 11:22 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277287
|
8.8 |
HIGH
Network
|
postgresql
debian
|
postgresql
debian_linux
|
Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on …
|
CWE-787
Out-of-bounds Write
|
CVE-2015-0242
|
2024-11-21 11:22 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277288
|
8.8 |
HIGH
Network
|
postgresql
debian
|
postgresql
debian_linux
|
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (…
|
CWE-120
Classic Buffer Overflow
|
CVE-2015-0241
|
2024-11-21 11:22 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277289
|
9.8 |
CRITICAL
Network
|
zend
|
framework
|
Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.
|
CWE-89
SQL Injection
|
CVE-2015-0270
|
2024-11-21 11:22 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277290
|
9.8 |
CRITICAL
Network
|
qualcomm
|
sd_400_firmware
sd_800_firmware
|
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-9996
|
2024-11-21 11:22 |
2018-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
