|
272581
|
- |
|
gollum_project
|
gollum
|
The Precious module in gollum before 4.0.1 allows remote attackers to read arbitrary files by leveraging the lack of a certain temporary-file check.
|
CWE-200
Information Exposure
|
CVE-2015-7314
|
2024-11-21 11:36 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272582
|
- |
|
juniper
|
pulse_connect_secure
|
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 allows remote authenticated users to bypa…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7323
|
2024-11-21 11:36 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272583
|
- |
|
juniper
|
pulse_connect_secure
|
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse) before 7.1R22.1, 7.4, 8.0 before 8.0R11, and 8.1 before 8.1R3 provides different messages for attempts …
|
CWE-200
Information Exposure
|
CVE-2015-7322
|
2024-11-21 11:36 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272584
|
- |
|
freeswitch
|
freeswitch
|
Heap-based buffer overflow in the parse_string function in libs/esl/src/esl_json.c in FreeSWITCH before 1.4.23 and 1.6.x before 1.6.2 allows remote attackers to execute arbitrary code via a trailing …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7392
|
2024-11-21 11:36 |
2015-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272585
|
- |
|
xen
|
xen
|
libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image.
|
CWE-17
Code
|
CVE-2015-7311
|
2024-11-21 11:36 |
2015-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272586
|
7.5 |
HIGH
Network
|
rpcbind_project
canonical
debian
oracle
|
rpcbind
ubuntu_linux
debian_linux
solaris
|
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMA…
|
NVD-CWE-Other
|
CVE-2015-7236
|
2024-11-21 11:36 |
2015-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272587
|
- |
|
ipython
jupyter
|
notebook
|
The editor in IPython Notebook before 3.2.2 and Jupyter Notebook 4.0.x before 4.0.5 allows remote attackers to execute arbitrary JavaScript code via a crafted file, which triggers a redirect to files…
|
CWE-20
Improper Input Validation
|
CVE-2015-7337
|
2024-11-21 11:36 |
2015-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272588
|
- |
|
codepeople
|
appointment_booking_calendar
|
Multiple cross-site scripting (XSS) vulnerabilities in cpabc_appointments_admin_int_bookings_list.inc.php in the Appointment Booking Calendar plugin before 1.1.8 for WordPress allow remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2015-7320
|
2024-11-21 11:36 |
2015-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272589
|
- |
|
codepeople
|
appointment_booking_calendar
|
SQL injection vulnerability in cpabc_appointments_admin_int_calendar_list.inc.php in the Appointment Booking Calendar plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary SQ…
|
CWE-89
SQL Injection
|
CVE-2015-7319
|
2024-11-21 11:36 |
2015-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272590
|
- |
|
zohocorp
|
manageengine_eventlog_analyzer
|
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and earlier allows remote attackers to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallow…
|
CWE-89
SQL Injection
|
CVE-2015-7387
|
2024-11-21 11:36 |
2015-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
