|
276551
|
- |
|
google
|
android
|
libstagefright in Android 5.x before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 2072105…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7716
|
2024-11-21 11:37 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276552
|
- |
|
cisco
|
vpn_client
|
Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the Applica…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7600
|
2024-11-21 11:37 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276553
|
- |
|
email-address_project
|
email-address
|
Algorithmic complexity vulnerability in Address.pm in the Email-Address module 1.908 and earlier for Perl allows remote attackers to cause a denial of service (CPU consumption) via a crafted string c…
|
CWE-20
CWE-399
Improper Input Validation
Resource Management Errors
|
CVE-2015-7686
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276554
|
- |
|
arkeia
|
western_digital_arkeia
|
The arkeiad daemon in the Arkeia Backup Agent in Western Digital Arkeia 11.0.12 and earlier allows remote attackers to bypass authentication and execute arbitrary commands via a series of crafted req…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7709
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276555
|
- |
|
4homepages
|
4images
|
Cross-site scripting (XSS) vulnerability in 4images 1.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the cat_description parameter in an updatecat action to admin…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7708
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276556
|
- |
|
igniterealtime
|
openfire
|
Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7707
|
2024-11-21 11:37 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276557
|
- |
|
glpi-project
|
glpi
|
GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the _profiles_id parameter to front/user.form.php.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7685
|
2024-11-21 11:37 |
2015-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276558
|
- |
|
glpi-project
|
glpi
|
Unrestricted file upload in GLPI before 0.85.3 allows remote authenticated users to execute arbitrary code by adding a file with an executable extension as an attachment to a new ticket, then accessi…
|
NVD-CWE-Other
|
CVE-2015-7684
|
2024-11-21 11:37 |
2015-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276559
|
- |
|
mcafee
|
vulnerability_manager
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations page in Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.9 and earlier allow remote attackers to hijack the…
|
CWE-352
Origin Validation Error
|
CVE-2015-7612
|
2024-11-21 11:37 |
2015-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276560
|
- |
|
splunk
|
splunk
|
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via u…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7604
|
2024-11-21 11:37 |
2015-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
