|
281511
|
- |
|
webform_project
|
webform
|
Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3.23, and 7.x-4.x before 7.x-4.5 for Drupal allows remote authenticated users with certain permissio…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4374
|
2024-11-21 11:30 |
2015-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281512
|
- |
|
xen
|
xen
|
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via …
|
CWE-399
Resource Management Errors
|
CVE-2015-4164
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281513
|
- |
|
xen
|
xen
|
GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hyperca…
|
NVD-CWE-Other
|
CVE-2015-4163
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281514
|
- |
|
elastic
|
logstash
|
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references …
|
CWE-22
Path Traversal
|
CVE-2015-4152
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281515
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
hostapd
opensuse
|
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remo…
|
NVD-CWE-noinfo
|
CVE-2015-4146
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281516
|
- |
|
w1.fi
opensuse
|
hostapd
opensuse
wpa_supplicant
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of se…
|
CWE-399
Resource Management Errors
|
CVE-2015-4145
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281517
|
- |
|
opensuse
w1.fi
|
opensuse
hostapd
wpa_supplicant
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attacke…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4144
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281518
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
hostapd
opensuse
|
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4143
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281519
|
- |
|
w1.fi
redhat
opensuse
|
wpa_supplicant
enterprise_linux_hpc_node
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
hostapd
opensuse
|
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a de…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4142
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
281520
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
hostapd
opensuse
|
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a n…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4141
|
2024-11-21 11:30 |
2015-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
