Total
5442 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-1608 | 1 Topline Systems | 1 Opportunity Form | 2024-08-06 | N/A |
Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not properly restrict access to database-connection strings, which allows attackers to read the cleartext version of sensitive credential and e-mail address information via unspecified vectors. | ||||
CVE-2015-1551 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-08-06 | N/A |
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to read arbitrary files via unspecified vectors. | ||||
CVE-2015-1593 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Enterprise Mrg and 1 more | 2024-08-06 | N/A |
The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c. | ||||
CVE-2015-1591 | 1 Kamailio | 1 Kamailio | 2024-08-06 | N/A |
The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges. | ||||
CVE-2015-1590 | 1 Kamailio | 1 Kamailio | 2024-08-06 | N/A |
The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailio_ctl. | ||||
CVE-2015-1515 | 1 Softsphere | 1 Defensewall Personal Firewall | 2024-08-06 | N/A |
The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call. | ||||
CVE-2015-1481 | 1 Ansible | 1 Tower | 2024-08-06 | N/A |
Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account. | ||||
CVE-2015-1498 | 1 Persistent Systems | 1 Radia Client Automation | 2024-08-06 | N/A |
Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to (1) enumerate user accounts via a getUsers request, (2) assign a role to a user account via an addAssigneesToRole request, (3) remove a role from a user account via a removeAssigneesFromRole request, or (4) have other unspecified impact. | ||||
CVE-2015-1489 | 1 Symantec | 1 Endpoint Protection Manager | 2024-08-06 | N/A |
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors. | ||||
CVE-2015-1496 | 1 Motorola | 1 Motorola Scanner Sdk | 2024-08-06 | N/A |
Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors. | ||||
CVE-2015-1499 | 1 Samsung | 1 Samsung Security Manager | 2024-08-06 | N/A |
The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request. | ||||
CVE-2015-1375 | 1 Pixabay Images Project | 1 Pixabay Images | 2024-08-06 | N/A |
pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files. | ||||
CVE-2015-1448 | 1 Siemens | 5 Ruggedcom Firmware, Ruggedcom Win5100, Ruggedcom Win5200 and 2 more | 2024-08-06 | N/A |
The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors. | ||||
CVE-2015-1458 | 1 Fortinet | 1 Fortiauthenticator | 2024-08-06 | N/A |
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command. | ||||
CVE-2015-1378 | 1 Grml | 1 Grml-debootstrap | 2024-08-06 | N/A |
cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users. | ||||
CVE-2015-1416 | 1 Freebsd | 1 Freebsd | 2024-08-06 | N/A |
Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file. | ||||
CVE-2015-1293 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
The DOM implementation in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy via unspecified vectors. | ||||
CVE-2015-1356 | 1 Siemens | 1 Simatic Step 7 | 2024-08-06 | N/A |
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file. | ||||
CVE-2015-1292 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-08-06 | N/A |
The NavigatorServiceWorker::serviceWorker function in modules/serviceworkers/NavigatorServiceWorker.cpp in Blink, as used in Google Chrome before 45.0.2454.85, allows remote attackers to bypass the Same Origin Policy by accessing a Service Worker. | ||||
CVE-2015-1344 | 1 Canonical | 2 Lxcfs, Ubuntu Linux | 2024-08-06 | N/A |
The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions, which allows local users to gain privileges by writing a pid to the tasks file. |