|
282011
|
- |
|
linuxcontainers
|
lxc
|
lxclock.c in LXC 1.1.2 and earlier allows local users to create arbitrary files via a symlink attack on /run/lock/lxc/*.
|
CWE-59
Link Following
|
CVE-2015-1331
|
2024-11-21 11:25 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282012
|
- |
|
symantec
|
endpoint_protection_manager
|
Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.
|
CWE-20
Improper Input Validation
|
CVE-2015-1492
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282013
|
- |
|
symantec
|
endpoint_protection_manager
|
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via u…
|
CWE-89
SQL Injection
|
CVE-2015-1491
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282014
|
- |
|
symantec
|
endpoint_protection_manager
|
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a rel…
|
CWE-22
Path Traversal
|
CVE-2015-1490
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282015
|
- |
|
symantec
|
endpoint_protection_manager
|
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1489
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282016
|
- |
|
symantec
|
endpoint_protection_manager
|
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown v…
|
CWE-200
Information Exposure
|
CVE-2015-1488
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282017
|
- |
|
symantec
|
endpoint_protection_manager
|
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator pri…
|
CWE-20
Improper Input Validation
|
CVE-2015-1487
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282018
|
- |
|
symantec
|
endpoint_protection_manager
|
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new…
|
CWE-287
Improper Authentication
|
CVE-2015-1486
|
2024-11-21 11:25 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282019
|
- |
|
google
opensuse
redhat
debian
|
chrome
opensuse
enterprise_linux_server_supplementary_eus
enterprise_linux_desktop_supplementary
enterprise_linux_server_supplementary
enterprise_linux_workstation_supplementary
deb…
|
Multiple unspecified vulnerabilities in Google Chrome before 44.0.2403.89 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2015-1289
|
2024-11-21 11:25 |
2015-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
282020
|
- |
|
google
debian
redhat
opensuse
|
chrome
debian_linux
enterprise_linux_server_supplementary_eus
enterprise_linux_desktop_supplementary
enterprise_linux_server_supplementary
enterprise_linux_workstation_supplementary
The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorre…
|
CWE-17
Code
|
CVE-2015-1288
|
2024-11-21 11:25 |
2015-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
