|
277401
|
- |
|
chat_room_project
|
chat_room
|
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when setting up a websocket for chat messages, which allows remote attackers to bypass intended access restr…
|
CWE-200
Information Exposure
|
CVE-2015-8601
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277402
|
- |
|
sap
|
mobile_platform
|
The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vec…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8600
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277403
|
- |
|
cacti
|
cacti
|
SQL injection vulnerability in include/top_graph_header.php in Cacti 0.8.8f and earlier allows remote attackers to execute arbitrary SQL commands via the rra_id parameter in a properties action to gr…
|
CWE-89
SQL Injection
|
CVE-2015-8369
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277404
|
- |
|
ntop
|
ntopng
|
ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
|
CWE-254
7PK - Security Features
|
CVE-2015-8368
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277405
|
- |
|
xen
|
xen
|
The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allow…
|
CWE-399
Resource Management Errors
|
CVE-2015-8341
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277406
|
- |
|
xen
|
xen
|
The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly release locks, which might allow guest OS administrators to cause a denial of service (deadlock or host cr…
|
CWE-17
Code
|
CVE-2015-8340
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277407
|
- |
|
xen
|
xen
|
The memory_exchange function in common/memory.c in Xen 3.2.x through 4.6.x does not properly hand back pages to a domain, which might allow guest OS administrators to cause a denial of service (host …
|
CWE-19
Data Processing Errors
|
CVE-2015-8339
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277408
|
- |
|
xen
|
xen
|
Xen 4.6.x and earlier does not properly enforce limits on page order inputs for the (1) XENMEM_increase_reservation, (2) XENMEM_populate_physmap, (3) XENMEM_exchange, and possibly other HYPERVISOR_me…
|
CWE-254
7PK - Security Features
|
CVE-2015-8338
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277409
|
- |
|
redhat
linuxfoundation
canonical
debian
|
enterprise_linux_server_eus
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
foomatic-filters
ubuntu_linux
cups-filters
…
|
Incomplete blacklist vulnerability in util.c in foomatic-rip in cups-filters 1.0.42 before 1.2.0 and in foomatic-filters in Foomatic 4.0.x allows remote attackers to execute arbitrary commands via ` …
|
NVD-CWE-Other
|
CVE-2015-8327
|
2024-11-21 11:38 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277410
|
- |
|
foxitsoftware
|
foxit_reader
phantompdf
|
Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary …
|
NVD-CWE-Other
|
CVE-2015-8580
|
2024-11-21 11:38 |
2015-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
