|
279761
|
- |
|
ibm
|
business_process_manager
|
The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated us…
|
CWE-284
Improper Access Control
|
CVE-2015-1961
|
2024-11-21 11:26 |
2015-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279762
|
6.5 |
MEDIUM
Network
|
oracle
openssl
|
supply_chain_products_suite
jd_edwards_enterpriseone_tools
openssl
opus_10g_ethernet_switch_family
|
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative …
|
CWE-254
7PK - Security Features
|
CVE-2015-1793
|
2024-11-21 11:26 |
2015-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279763
|
- |
|
shibboleth
|
identity_provider
opensaml_java
|
The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID,…
|
CWE-254
7PK - Security Features
|
CVE-2015-1796
|
2024-11-21 11:26 |
2015-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279764
|
- |
|
hp
|
hp-ux
|
Unspecified vulnerability in pppoec in HP HP-UX 11iv2 and 11iv3 allows local users to gain privileges by leveraging setuid permissions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2126
|
2024-11-21 11:26 |
2015-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279765
|
- |
|
ibm
|
tivoli_federated_identity_manager
|
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1966
|
2024-11-21 11:26 |
2015-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279766
|
- |
|
ibm
|
java
|
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.
|
NVD-CWE-noinfo
|
CVE-2015-1916
|
2024-11-21 11:26 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279767
|
- |
|
ibm
|
java
|
IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vec…
|
CWE-200
Information Exposure
|
CVE-2015-1914
|
2024-11-21 11:26 |
2015-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279768
|
- |
|
cryptopp
opensuse
|
crypto\+\+_library
opensuse
|
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remot…
|
CWE-200
Information Exposure
|
CVE-2015-2141
|
2024-11-21 11:26 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279769
|
- |
|
ibm
|
websphere_mq
|
MQ Explorer in IBM WebSphere MQ before 8.0.0.3 does not recognize the absence of the compatibility-mode option, which allows remote attackers to obtain sensitive information by sniffing the network f…
|
CWE-200
Information Exposure
|
CVE-2015-1967
|
2024-11-21 11:26 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279770
|
- |
|
ibm
|
maximo_asset_management
|
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before 7.6.0.0 IFIX005 does not prevent caching of HTTPS responses, which allows physically proximate attacke…
|
CWE-200
Information Exposure
|
CVE-2015-1951
|
2024-11-21 11:26 |
2015-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
