|
276631
|
- |
|
fedoraproject
debian
xen
|
fedora
debian_linux
xen
|
The x86 emulator in Xen 3.2.x through 4.5.x does not properly ignore segment overrides for instructions with register operands, which allows local guest users to obtain sensitive information, cause a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2151
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276632
|
- |
|
ubuntu
xen
linux
|
ubuntu
xen
linux_kernel
|
Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2150
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276633
|
- |
|
xen
fedoraproject
debian
|
xen
fedora
debian_linux
|
The HYPERVISOR_xen_version hypercall in Xen 3.2.x through 4.5.x does not properly initialize data structures, which allows local guest users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-2045
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276634
|
- |
|
xen
|
xen
|
The emulation routines for unspecified X86 devices in Xen 3.2.x through 4.5.x does not properly initialize data, which allow local HVM guest users to obtain sensitive information via vectors involvin…
|
CWE-200
Information Exposure
|
CVE-2015-2044
|
2024-11-21 11:26 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276635
|
- |
|
ajsquare
|
zeuscart
|
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2182
|
2024-11-21 11:26 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276636
|
- |
|
palosanto
|
elastix
|
SQL injection vulnerability in a2billing/customer/iridium_threed.php in Elastix 2.5.0 and earlier allows remote attackers to execute arbitrary SQL commands via the transactionID parameter.
|
CWE-89
SQL Injection
|
CVE-2015-1875
|
2024-11-21 11:26 |
2015-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276637
|
- |
|
ajsquare
|
zeuscart
|
ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.
|
CWE-200
Information Exposure
|
CVE-2015-2184
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276638
|
- |
|
zeuscart
|
zeuscart
|
Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2)…
|
CWE-89
SQL Injection
|
CVE-2015-2183
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276639
|
- |
|
cfdbplugin
|
contact_form_db
|
Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before 2.8.32 for WordPress allows remote attackers to hijack the aut…
|
CWE-352
Origin Validation Error
|
CVE-2015-1874
|
2024-11-21 11:26 |
2015-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276640
|
- |
|
webgateinc
|
edvr_manager
|
Use-after-free vulnerability in the Connect function in the WESPMonitor.WESPMonitorCtrl.1 ActiveX control in WebGate eDVR Manager allows remote attackers to execute arbitrary code via an invalid IP a…
|
NVD-CWE-Other
|
CVE-2015-2096
|
2024-11-21 11:26 |
2015-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
