|
274401
|
8.6 |
HIGH
Network
|
zip_attachments_project
|
zip_attachments
|
Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter.
|
CWE-22
Path Traversal
|
CVE-2015-4694
|
2024-11-21 11:31 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274402
|
8.0 |
HIGH
Network
|
emc
|
isilon_onefs
|
EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote authenticated administrators to bypass a SmartLock root-login restriction by creating a root account …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4545
|
2024-11-21 11:31 |
2015-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274403
|
- |
|
libreoffice
canonical
debian
apache
|
libreoffice
ubuntu_linux
debian_linux
openoffice
|
LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configuration information in OpenDocument Format files and templates when handling links, which might allow …
|
CWE-200
Information Exposure
|
CVE-2015-4551
|
2024-11-21 11:31 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274404
|
- |
|
mozilla
|
firefox
|
The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes it easier for remote attackers to bypass the Content Security Policy (CSP) protection mechanism an…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4518
|
2024-11-21 11:31 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274405
|
- |
|
mozilla
|
firefox
|
Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attackers to obtain sensitive hostname information by constructing a crafted web site that sends an NTLM re…
|
CWE-200
Information Exposure
|
CVE-2015-4515
|
2024-11-21 11:31 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274406
|
- |
|
mozilla
|
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4514
|
2024-11-21 11:31 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274407
|
- |
|
mozilla
|
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefox ESR 38.x before 38.4 allow remote attackers to cause a denial of service (memory corruption and a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4513
|
2024-11-21 11:31 |
2015-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274408
|
- |
|
fedoraproject
opensuse
polkit_project
|
fedora
opensuse
polkit
|
Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.113 allows local users to gain privileges by creating a large number of connections, which triggers…
|
CWE-189
Numeric Errors
|
CVE-2015-4625
|
2024-11-21 11:31 |
2015-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274409
|
- |
|
owncloud
|
owncloud_desktop_client
|
ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which allows man-in-the-middle attackers to bypass the user's certificate dist…
|
NVD-CWE-Other
|
CVE-2015-4456
|
2024-11-21 11:31 |
2015-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274410
|
- |
|
oracle
|
solaris
|
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Solaris Kernel Zones, a different vulnera…
|
NVD-CWE-noinfo
|
CVE-2015-4907
|
2024-11-21 11:31 |
2015-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
