|
278511
|
- |
|
picketlink
|
picketlink
|
The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audience element when an AudienceRestriction is specified, which allows remote attackers to log in to ot…
|
CWE-284
Improper Access Control
|
CVE-2015-0277
|
2024-11-21 11:22 |
2015-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278512
|
- |
|
apache
apple
oracle
|
http_server
mac_os_x
mac_os_x_server
solaris
linux
|
The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initialize the protocol structure member, which allows remote attackers to cause a denial of service (NUL…
|
NVD-CWE-Other
|
CVE-2015-0253
|
2024-11-21 11:22 |
2015-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278513
|
- |
|
ibm
|
db2
|
IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by leveragin…
|
CWE-20
Improper Input Validation
|
CVE-2015-0157
|
2024-11-21 11:22 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278514
|
- |
|
ibm
|
rational_doors_next_generation
rational_team_concert
rational_collaborative_lifecycle_management
rational_requirements_composer
rational_quality_manager
|
Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 4.x before 4.0.7 IF6 and 5.x before 5.0.2 IF5; Rational Qualit…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0130
|
2024-11-21 11:22 |
2015-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278515
|
- |
|
ibm
redhat
suse
|
java
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
enterprise_linux_server_aus
enterprise_linux_server_eus
linux_enterprise_server
linux_enterpris…
|
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via…
|
NVD-CWE-noinfo
|
CVE-2015-0192
|
2024-11-21 11:22 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278516
|
- |
|
ibm
|
websphere_commerce
|
CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 Cumulative iFix 2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response…
|
NVD-CWE-Other
|
CVE-2015-0196
|
2024-11-21 11:22 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278517
|
- |
|
ibm
|
leads
|
Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before …
|
CWE-79
Cross-site Scripting
|
CVE-2015-0131
|
2024-11-21 11:22 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278518
|
- |
|
ibm
|
leads
|
IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 does not properly restrict use of …
|
CWE-254
7PK - Security Features
|
CVE-2015-0127
|
2024-11-21 11:22 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278519
|
- |
|
ibm
|
leads
|
IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users …
|
NVD-CWE-Other
|
CVE-2015-0126
|
2024-11-21 11:22 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278520
|
- |
|
ibm
|
websphere_message_broker
integration_bus
|
IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 8005 IF1 and Integration Toolkit 9 before 9003 IF1 are distributed with MQ client JAR files that support only weak TLS ciphers, whi…
|
CWE-310
Cryptographic Issues
|
CVE-2015-0118
|
2024-11-21 11:22 |
2015-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
