|
283091
|
- |
|
microsoft
|
office
|
Cross-site scripting (XSS) vulnerability in Microsoft Office for Mac 2011 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Outlook App for Mac XS…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1639
|
2024-11-21 11:25 |
2015-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283092
|
- |
|
microsoft
|
windows_server_2012
|
Microsoft Active Directory Federation Services (AD FS) 3.0 on Windows Server 2012 R2 does not properly handle logoff actions, which allows remote attackers to bypass intended access restrictions by l…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1638
|
2024-11-21 11:25 |
2015-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283093
|
- |
|
freebsd
|
freebsd
|
The bsdinstall installer in FreeBSD 10.x before 10.1 p9, when configuring full disk encrypted ZFS, uses world-readable permissions for the GELI keyfile (/boot/encryption.key), which allows local user…
|
CWE-200
Information Exposure
|
CVE-2015-1415
|
2024-11-21 11:25 |
2015-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283094
|
- |
|
canonical
oxide_project
|
ubuntu_linux
oxide
|
Use-after-free vulnerability in Oxide before 1.5.6 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code by deleting all WebContents w…
|
NVD-CWE-Other
|
CVE-2015-1317
|
2024-11-21 11:25 |
2015-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283095
|
- |
|
canonical
gnu
|
ubuntu_linux
glibc
|
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca functi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1473
|
2024-11-21 11:25 |
2015-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283096
|
- |
|
canonical
gnu
|
ubuntu_linux
glibc
|
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attac…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1472
|
2024-11-21 11:25 |
2015-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283097
|
- |
|
siemens
|
simatic_step_7
|
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data within project files, which makes it easier for local users to determine cleartext (1) protection-leve…
|
CWE-200
Information Exposure
|
CVE-2015-1602
|
2024-11-21 11:25 |
2015-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283098
|
- |
|
siemens
|
simatic_step_7
|
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 allows man-in-the-middle attackers to obtain sensitive information or modify transmitted data via unspecified vectors.
|
CWE-254
7PK - Security Features
|
CVE-2015-1601
|
2024-11-21 11:25 |
2015-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283099
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
The IPv4 implementation in the Linux kernel before 3.18.8 does not properly consider the length of the Read-Copy Update (RCU) grace period for redirecting lookups in the absence of caching, which all…
|
CWE-17
Code
|
CVE-2015-1465
|
2024-11-21 11:25 |
2015-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283100
|
- |
|
fedoraproject
mongodb
|
fedora
mongodb
|
MongoDB before 2.4.13 and 2.6.x before 2.6.8 allows remote attackers to cause a denial of service via a crafted UTF-8 string in a BSON request.
|
CWE-20
Improper Input Validation
|
CVE-2015-1609
|
2024-11-21 11:25 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
