|
275891
|
- |
|
realmd_project
|
realmd
|
realmd allows remote attackers to inject arbitrary configurations in to sssd.conf and smb.conf via a newline character in an LDAP response.
|
CWE-74
Injection
|
CVE-2015-2704
|
2024-11-21 11:27 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275892
|
- |
|
gns3
|
gns3
|
Untrusted search path vulnerability in GNS3 1.2.3 allows local users to gain privileges via a Trojan horse uuid.dll in an unspecified directory.
|
NVD-CWE-Other
|
CVE-2015-2667
|
2024-11-21 11:27 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275893
|
- |
|
huawei
|
seq_analyst
|
XML external entity (XXE) vulnerability in Huawei SEQ Analyst before V200R002C03LG0001CP0022 allows remote authenticated users to read arbitrary files via the req parameter.
|
NVD-CWE-Other
|
CVE-2015-2346
|
2024-11-21 11:27 |
2015-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275894
|
- |
|
concrete5
|
concrete5
|
Multiple cross-site scripting (XSS) vulnerabilities in concrete5 before 5.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) banned_word[] parameter to index.php/dashboard/…
|
CWE-79
Cross-site Scripting
|
CVE-2015-2250
|
2024-11-21 11:27 |
2015-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275895
|
- |
|
mozilla
|
firefox
|
The update implementation in Mozilla Firefox before 38.0 on Windows does not ensure that the pathname for updater.exe corresponds to the application directory, which might allow local users to gain p…
|
CWE-17
Code
|
CVE-2015-2720
|
2024-11-21 11:27 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275896
|
- |
|
opensuse
mozilla
|
opensuse
firefox
|
The WebChannel.jsm module in Mozilla Firefox before 38.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive webchannel-response data via a crafted web site containing an IF…
|
CWE-200
Information Exposure
|
CVE-2015-2718
|
2024-11-21 11:27 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275897
|
- |
|
mozilla
opensuse
|
firefox
opensuse
|
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) vi…
|
CWE-189
Numeric Errors
|
CVE-2015-2717
|
2024-11-21 11:27 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275898
|
- |
|
mozilla
novell
opensuse
oracle
|
firefox
suse_linux_enterprise_server
suse_linux_enterprise_desktop
opensuse
suse_linux_enterprise_software_development_kit
thunderbird
solaris
firefox_esr
|
Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amou…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2716
|
2024-11-21 11:27 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275899
|
- |
|
mozilla
opensuse
|
firefox
opensuse
|
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and…
|
CWE-362
Race Condition
|
CVE-2015-2715
|
2024-11-21 11:27 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275900
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android logging system, which allows attackers to obtain sensitive information via a crafted application that…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2714
|
2024-11-21 11:27 |
2015-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
