|
274611
|
- |
|
apple
php
redhat
|
mac_os_x
php
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_hpc_node
enterprise_linux_server_eus
enterprise_linux_hpc_node_eus
…
|
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extensio…
|
CWE-19
Data Processing Errors
|
CVE-2015-4025
|
2024-11-21 11:30 |
2015-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274612
|
- |
|
redislabs
debian
|
redis
debian_linux
|
Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command.
|
CWE-17
Code
|
CVE-2015-4335
|
2024-11-21 11:30 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274613
|
- |
|
usersultra
|
usersultra
|
Multiple SQL injection vulnerabilities in the ratings module in the Users Ultra plugin before 1.5.16 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) data_target or …
|
CWE-89
SQL Injection
|
CVE-2015-4109
|
2024-11-21 11:30 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274614
|
- |
|
kankun
|
smartsocket
|
The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes it easier for remote attackers to (1) obtain sensitive information by sniffing the network and (2) …
|
CWE-310
Cryptographic Issues
|
CVE-2015-4080
|
2024-11-21 11:30 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274615
|
- |
|
everybit
|
encrypted_contact_form
|
Cross-site request forgery (CSRF) vulnerability in the Encrypted Contact Form plugin before 1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that …
|
CWE-352
Origin Validation Error
|
CVE-2015-4010
|
2024-11-21 11:30 |
2015-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274616
|
- |
|
ceph
|
ceph-deploy
|
The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.client.admin.keyring, which allows local users to obtain sensitive information by reading the file.
|
CWE-200
Information Exposure
|
CVE-2015-4053
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274617
|
- |
|
beckhoff
|
ipc_diagnostics
|
Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which allows remote attackers to cause a denial of service (reboot or shutdown), create arbitrary users,…
|
CWE-284
Improper Access Control
|
CVE-2015-4051
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274618
|
- |
|
canonical
t1utils_project
|
ubuntu_linux
t1utils
|
Buffer overflow in the set_cs_start function in t1disasm.c in t1utils before 1.39 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font f…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3905
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274619
|
- |
|
canonical
linux
|
ubuntu_linux
linux_kernel
|
The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or caus…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4004
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274620
|
- |
|
linux
|
linux_kernel
|
The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero er…
|
CWE-189
Numeric Errors
|
CVE-2015-4003
|
2024-11-21 11:30 |
2015-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
