|
273901
|
7.8 |
HIGH
Local
|
watchguard
|
panda_url_filtering
|
Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda…
|
CWE-276
Incorrect Default Permissions
|
CVE-2015-7378
|
2024-11-21 11:36 |
2016-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273902
|
7.8 |
HIGH
Local
|
opensuse
|
opensuse
|
Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a cra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7552
|
2024-11-21 11:36 |
2016-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273903
|
5.5 |
MEDIUM
Local
|
giflib_project
fedoraproject
|
giflib
fedora
|
Heap-based buffer overflow in giffix.c in giffix in giflib 5.1.1 allows attackers to cause a denial of service (program crash) via crafted image and logical screen width fields in a GIF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7555
|
2024-11-21 11:36 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273904
|
9.8 |
CRITICAL
Network
|
git_project
canonical
redhat
opensuse
|
git
ubuntu_linux
software_collections
opensuse
|
The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properly restrict the allowed prot…
|
CWE-20
CWE-284
Improper Input Validation
Improper Access Control
|
CVE-2015-7545
|
2024-11-21 11:36 |
2016-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273905
|
6.1 |
MEDIUM
Network
|
apache
|
wicket
|
Multiple cross-site scripting (XSS) vulnerabilities in the (1) RadioGroup and (2) CheckBoxMultipleChoice classes in Apache Wicket 1.5.x before 1.5.15, 6.x before 6.22.0, and 7.x before 7.2.0 allow re…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7520
|
2024-11-21 11:36 |
2016-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273906
|
5.3 |
MEDIUM
Network
|
kubernetes
redhat
|
kubernetes
openshift
|
Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
|
CWE-200
Information Exposure
|
CVE-2015-7528
|
2024-11-21 11:36 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273907
|
5.1 |
MEDIUM
Local
|
redhat
|
cloudforms_management_engine
cloudforms
|
Red Hat CloudForms 3.2 Management Engine (CFME) 5.4.4 and CloudForms 4.0 Management Engine (CFME) 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users …
|
CWE-200
Information Exposure
|
CVE-2015-7502
|
2024-11-21 11:36 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273908
|
8.8 |
HIGH
Network
|
puppet
|
puppet_enterprise
|
Puppet Enterprise 2015.3 before 2015.3.1 allows remote attackers to bypass a host whitelist protection mechanism by leveraging the Puppet communications protocol.
|
CWE-254
7PK - Security Features
|
CVE-2015-7330
|
2024-11-21 11:36 |
2016-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273909
|
8.4 |
HIGH
Local
|
apple
ruby-lang
|
mac_os_x
ruby
|
The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles …
|
CWE-20
Improper Input Validation
|
CVE-2015-7551
|
2024-11-21 11:36 |
2016-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273910
|
4.3 |
MEDIUM
Network
|
ibm
|
websphere_process_server
business_process_manager
|
Business Space in IBM WebSphere Process Server 6.1.2.0 through 7.0.0.5 and Business Process Manager Advanced 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7454
|
2024-11-21 11:36 |
2016-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
