|
273611
|
8.1 |
HIGH
Network
|
apache
|
camel
|
Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) camel-jetty or (2) camel-servlet as a consumer in Camel routes, allow remote attackers to execute arb…
|
CWE-19
Data Processing Errors
|
CVE-2015-5348
|
2024-11-21 11:32 |
2016-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273612
|
6.5 |
MEDIUM
Network
|
redhat
canonical
|
libvirt
ubuntu_linux
|
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unl…
|
CWE-284
Improper Access Control
|
CVE-2015-5247
|
2024-11-21 11:32 |
2016-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273613
|
7.6 |
HIGH
Network
|
apache
debian
|
subversion
debian_linux
|
Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5343
|
2024-11-21 11:32 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273614
|
6.1 |
MEDIUM
Network
|
apache
|
wicket
|
Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicket.extensions.ajax.markup.html.modal.ModalWindow in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5347
|
2024-11-21 11:32 |
2016-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273615
|
6.5 |
MEDIUM
Network
|
apache
|
ranger
|
The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5167
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273616
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation support, allows guest OS users with CAP_SYS_RAWIO permissions to cause a denial of service (instance c…
|
CWE-787
Out-of-bounds Write
|
CVE-2015-5158
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273617
|
7.8 |
HIGH
Local
|
apache
|
ldap_studio
directory_studio
|
The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly escape field values, which might allow attackers to execute arbitrary commands by leveraging a craf…
|
CWE-77
Command Injection
|
CVE-2015-5349
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273618
|
7.3 |
HIGH
Network
|
redhat
|
openstack
|
The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack Platform 7.0, do not properly use the configured RabbitMQ credentials, which makes it easier for rem…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5329
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273619
|
2.5 |
LOW
Local
|
redhat
|
libvirt
|
Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows l…
|
CWE-22
Path Traversal
|
CVE-2015-5313
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273620
|
7.5 |
HIGH
Network
|
openstack
|
tripleo_heat_templates
|
The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, allow remote attackers to spoof OpenStack Networking metadata requests by leveraging knowledge of the…
|
CWE-254
7PK - Security Features
|
CVE-2015-5303
|
2024-11-21 11:32 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
