|
271361
|
7.8 |
HIGH
Local
|
samsung
|
m2m1shot_driver
|
Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large dat…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-7892
|
2024-11-21 11:37 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271362
|
8.8 |
HIGH
Network
|
cloudera
|
cdh
|
In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used.
|
CWE-269
Improper Privilege Management
|
CVE-2015-7831
|
2024-11-21 11:37 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271363
|
4.7 |
MEDIUM
Local
|
videolan
redhat
fedoraproject
debian
|
libbluray
enterprise_linux
fedora
debian_linux
|
libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2015-7810
|
2024-11-21 11:37 |
2019-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271364
|
8.1 |
HIGH
Network
|
mongodb
|
mongodb
|
Improper handling of LDAP authentication in MongoDB Server versions 3.0.0 to 3.0.6 allows an unauthenticated client to gain unauthorized access.
|
CWE-287
Improper Authentication
|
CVE-2015-7882
|
2024-11-21 11:37 |
2019-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271365
|
6.1 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra.
|
CWE-79
Cross-site Scripting
|
CVE-2015-7609
|
2024-11-21 11:37 |
2019-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271366
|
8.8 |
HIGH
Network
|
zimbra
synacor
|
zimbra_collaboration_suite
|
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows rem…
|
CWE-352
Origin Validation Error
|
CVE-2015-7610
|
2024-11-21 11:37 |
2018-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271367
|
7.8 |
HIGH
Local
|
gemalto
|
safenet_authentication_service_for_citrix_web_interface_agent
|
SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7967
|
2024-11-21 11:37 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271368
|
7.8 |
HIGH
Local
|
gemalto
|
safenet_authentication_service_windows_logon_agent
|
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7966
|
2024-11-21 11:37 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271369
|
7.8 |
HIGH
Local
|
gemalto
|
safenet_authentication_service_windows_logon_agent
|
SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7965
|
2024-11-21 11:37 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271370
|
7.8 |
HIGH
Local
|
gemalto
|
safenet_authentication_service_for_nps_agent
|
SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable mo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7964
|
2024-11-21 11:37 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
