|
271601
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 42.0 on Android allows user-assisted remote attackers to bypass the Same Origin Policy and trigger (1) a download or (2) cached profile-data reading via a file: URL in a saved …
|
CWE-200
Information Exposure
|
CVE-2015-7186
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271602
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon fullscreen-mode exit, which allows remote attackers to spoof the address bar via crafted JavaScript code.
|
CWE-254
7PK - Security Features
|
CVE-2015-7185
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271603
|
- |
|
mozilla
|
firefox
network_security_services
|
Integer overflow in the PL_ARENA_ALLOCATE implementation in Netscape Portable Runtime (NSPR) in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox be…
|
CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error')
Numeric Errors
|
CVE-2015-7183
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271604
|
- |
|
mozilla
|
network_security_services
firefox
|
The sec_asn1d_parse_leaf function in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 and other produc…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7181
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271605
|
9.8 |
CRITICAL
Network
|
oracle
mozilla
|
traffic_director
opensso
iplanet_web_proxy_server
firefox
glassfish_server
network_security_services
iplanet_web_server
|
Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Firefox ESR 38.x before 38.4 an…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7182
|
2024-11-21 11:36 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271606
|
- |
|
commvault
|
edge_server
|
The Web Console in Commvault Edge Server 10 R2 allows remote attackers to execute arbitrary OS commands via crafted serialized data in a cookie.
|
CWE-78
OS Command
|
CVE-2015-7253
|
2024-11-21 11:36 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271607
|
- |
|
mobatek
|
mobaxterm
|
The default configuration of the server in MobaXterm before 8.3 has a disabled Access Control setting and consequently does not require authentication for X11 connections, which allows remote attacke…
|
CWE-284
Improper Access Control
|
CVE-2015-7244
|
2024-11-21 11:36 |
2015-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271608
|
- |
|
joomla
|
joomla\!
|
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858.
|
CWE-89
SQL Injection
|
CVE-2015-7297
|
2024-11-21 11:36 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271609
|
- |
|
owncloud
qt
|
owncloud_desktop_client
qt
|
ownCloud Desktop Client before 2.0.1, when compiled with a Qt release after 5.3.x, does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which makes it easier for remote…
|
NVD-CWE-Other
|
CVE-2015-7298
|
2024-11-21 11:36 |
2015-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271610
|
- |
|
apple
|
mac_os_x
iphone_os
|
CFNetwork in Apple iOS before 9.1 and OS X before 10.11.1 does not properly consider the uppercase-versus-lowercase distinction during cookie parsing, which allows remote web servers to overwrite coo…
|
CWE-17
Code
|
CVE-2015-7023
|
2024-11-21 11:36 |
2015-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
