|
275751
|
- |
|
google
debian
opensuse
|
chrome
debian_linux
opensuse
|
Google Chrome before 42.0.2311.90 does not always ask the user before proceeding with CONTENT_SETTINGS_TYPE_FULLSCREEN and CONTENT_SETTINGS_TYPE_MOUSELOCK changes, which allows user-assisted remote a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3336
|
2024-11-21 11:29 |
2015-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275752
|
- |
|
google
opensuse
|
chrome
opensuse
|
The NaClSandbox::InitializeLayerTwoSandbox function in components/nacl/loader/sandbox_linux/nacl_sandbox_linux.cc in Google Chrome before 42.0.2311.90 does not have RLIMIT_AS and RLIMIT_DATA limits f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3335
|
2024-11-21 11:29 |
2015-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275753
|
- |
|
google
debian
opensuse
|
chrome
debian_linux
opensuse
|
browser/ui/website_settings/website_settings.cc in Google Chrome before 42.0.2311.90 does not always display "Media: Allowed by you" in a Permissions table after the user has granted camera permissio…
|
CWE-17
Code
|
CVE-2015-3334
|
2024-11-21 11:29 |
2015-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275754
|
- |
|
google
debian
canonical
|
v8
debian_linux
ubuntu_linux
chrome
|
Multiple unspecified vulnerabilities in Google V8 before 4.2.77.14, as used in Google Chrome before 42.0.2311.90, allow attackers to cause a denial of service or possibly have other impact via unknow…
|
NVD-CWE-noinfo
|
CVE-2015-3333
|
2024-11-21 11:29 |
2015-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275755
|
- |
|
lenovo
|
thinkserver_system_manager_baseboard_management_controller_firmware
|
The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 does not validate server certificates during an "…
|
CWE-310
Cryptographic Issues
|
CVE-2015-3324
|
2024-11-21 11:29 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275756
|
- |
|
lenovo
|
thinkserver_system_manager_baseboard_management_controller_firmware
|
The ThinkServer System Manager (TSM) Baseboard Management Controller before firmware 1.27.73476 for ThinkServer RD350, RD450, RD550, RD650, and TD350 allows remote attackers to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2015-3323
|
2024-11-21 11:29 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275757
|
- |
|
lenovo
|
thinkserver_rd650_firmware
thinkserver_rd650
thinkserver_td350_firmware
thinkserver_td350
thinkserver_rd350_firmware
thinkserver_rd350
thinkserver_rd550_firmware
thinkserver_rd55…
|
Lenovo ThinkServer RD350, RD450, RD550, RD650, and TD350 servers before 1.26.0 use weak encryption to store (1) user and (2) administrator BIOS passwords, which allows attackers to decrypt the passwo…
|
CWE-310
Cryptographic Issues
|
CVE-2015-3322
|
2024-11-21 11:29 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275758
|
- |
|
lenovo
|
usb_enhanced_performance_keyboard
|
Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code in SKHOOKS.DLL, which allows local users to obtain keypress information by accessing debug output.
|
CWE-200
Information Exposure
|
CVE-2015-3320
|
2024-11-21 11:29 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275759
|
- |
|
hotspotexpress
|
hotex_billing_manager
|
Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script a…
|
CWE-200
Information Exposure
|
CVE-2015-3319
|
2024-11-21 11:29 |
2015-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275760
|
- |
|
fortinet
|
fortimail
|
FortiMail 5.0.3 through 5.2.3 allows remote administrators to obtain credentials via the "diag debug application httpd" command.
|
CWE-200
Information Exposure
|
CVE-2015-3293
|
2024-11-21 11:29 |
2015-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
