|
279721
|
- |
|
theforeman
|
foreman
|
Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate.
|
CWE-310
Cryptographic Issues
|
CVE-2015-1816
|
2024-11-21 11:26 |
2015-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279722
|
- |
|
gnu
opensuse
fedoraproject
|
libidn
opensuse
fedora
|
The stringprep_utf8_to_ucs4 function in libin before 1.31, as used in jabberd2, allows context-dependent attackers to read system memory and possibly have other unspecified impact via invalid UTF-8 c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2059
|
2024-11-21 11:26 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279723
|
- |
|
jabberd2
|
jabberd2
|
c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other u…
|
CWE-200
Information Exposure
|
CVE-2015-2058
|
2024-11-21 11:26 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279724
|
- |
|
redhat
clusterlabs
|
enterprise_linux_high_availability
enterprise_linux_resilient_storage
pacemaker
|
Pacemaker before 1.1.13 does not properly evaluate added nodes, which allows remote read-only users to gain privileges via an acl command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1867
|
2024-11-21 11:26 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279725
|
- |
|
redhat
|
jboss_bpm_suite
|
XML external entity (XXE) vulnerability in the dashbuilder import facility (DocumentBuilders in org.jboss.dashboard.export.ImportManagerImpl) in Red Hat JBoss BPM Suite before 6.1.2 allows remote att…
|
NVD-CWE-Other
|
CVE-2015-1818
|
2024-11-21 11:26 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279726
|
- |
|
google
linux
|
android
linux_kernel
|
The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inat…
|
CWE-17
Code
|
CVE-2015-1805
|
2024-11-21 11:26 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279727
|
- |
|
ibm
|
websphere_mq_light
|
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 an…
|
CWE-399
Resource Management Errors
|
CVE-2015-1987
|
2024-11-21 11:26 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279728
|
- |
|
ibm
|
websphere_datapower_xc10_appliance_firmware
|
The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by e…
|
CWE-200
Information Exposure
|
CVE-2015-1970
|
2024-11-21 11:26 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279729
|
- |
|
ibm
|
websphere_mq_light
|
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1956 an…
|
CWE-399
Resource Management Errors
|
CVE-2015-1958
|
2024-11-21 11:26 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279730
|
- |
|
ibm
|
websphere_mq_light
|
IBM MQ Light before 1.0.0.2 allows remote attackers to cause a denial of service (disk consumption) via a crafted byte sequence in authentication data, a different vulnerability than CVE-2015-1958 an…
|
CWE-399
Resource Management Errors
|
CVE-2015-1956
|
2024-11-21 11:26 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
