|
283001
|
- |
|
easing_slider_project
|
easing_slider
|
Cross-site scripting (XSS) vulnerability in the Easing Slider plugin before 2.2.0.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the edit parameter in the (1) easi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1436
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283002
|
- |
|
mylittleforum
|
my_little_forum
|
Cross-site scripting (XSS) vulnerability in my little forum before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via the back parameter to index.php.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1435
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283003
|
- |
|
mylittleforum
|
my_little_forum
|
Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category…
|
CWE-89
SQL Injection
|
CVE-2015-1434
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283004
|
- |
|
topline_systems
|
opportunity_form
|
Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not properly restrict access to database-connection strings, which allows attackers to read the cleartext version of sensitive crede…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1608
|
2024-11-21 11:25 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283005
|
- |
|
google
|
android
|
Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial…
|
CWE-189
Numeric Errors
|
CVE-2015-1474
|
2024-11-21 11:25 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283006
|
- |
|
google
|
email
|
The Google Email application 4.2.2.0200 for Android allows remote attackers to cause a denial of service (persistent application crash) via a "Content-Disposition: ;" header in an e-mail message.
|
CWE-19
Data Processing Errors
|
CVE-2015-1574
|
2024-11-21 11:25 |
2015-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283007
|
- |
|
openldap
opensuse
apple
|
openldap
opensuse
mac_os_x
|
Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause a denial of service (crash) via a crafted search query with a matc…
|
NVD-CWE-Other
|
CVE-2015-1546
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283008
|
- |
|
openldap
|
openldap
|
The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty…
|
NVD-CWE-Other
|
CVE-2015-1545
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283009
|
- |
|
pragyan_cms_project
|
pragyan_cms
|
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.
|
CWE-89
SQL Injection
|
CVE-2015-1471
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
283010
|
- |
|
gnu
opensuse
|
grep
opensuse
|
The bmexec_trans function in kwset.c in grep 2.19 through 2.21 allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1345
|
2024-11-21 11:25 |
2015-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
