Export limit exceeded: 344069 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344069 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7874 | 1 Portapps | 1 Kitty Portable | 2024-11-21 | 9.8 Critical |
| Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname. | ||||
| CVE-2015-7851 | 1 Ntp | 1 Ntp | 2024-11-21 | 6.5 Medium |
| Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files. | ||||
| CVE-2015-7831 | 1 Cloudera | 1 Cdh | 2024-11-21 | 8.8 High |
| In Cloudera Hue, there is privilege escalation by a read-only user when CDH 5.x brefore 5.4.9 is used. | ||||
| CVE-2015-7810 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 4.7 Medium |
| libbluray MountManager class has a time-of-check time-of-use (TOCTOU) race when expanding JAR files | ||||
| CVE-2015-7731 | 1 Sap | 1 Mobile Platform | 2024-11-21 | 5.5 Medium |
| SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830. | ||||
| CVE-2015-7610 | 2 Synacor, Zimbra | 2 Zimbra Collaboration Suite, Zimbra Collaboration Suite | 2024-11-21 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token. | ||||
| CVE-2015-7609 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | N/A |
| Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra. | ||||
| CVE-2015-7598 | 1 Gemalto | 1 Safenet Authentication Service Tokenvalidator Proxy Agent | 2024-11-21 | N/A |
| SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | ||||
| CVE-2015-7597 | 1 Gemalto | 1 Safenet Authentication Service Iis Agent | 2024-11-21 | N/A |
| SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | ||||
| CVE-2015-7596 | 1 Gemalto | 1 Safenet Authentication Service End User Software Tools For Windows | 2024-11-21 | N/A |
| SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | ||||
| CVE-2015-7567 | 1 Yeager | 1 Yeager Cms | 2024-11-21 | 9.8 Critical |
| SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passwordreset&token" parameter. | ||||
| CVE-2015-7559 | 2 Apache, Redhat | 4 Activemq, Jboss A-mq, Jboss Amq and 1 more | 2024-11-21 | 2.7 Low |
| It was found that the Apache ActiveMQ client before 5.14.5 exposed a remote shutdown command in the ActiveMQConnection class. An attacker logged into a compromised broker could use this flaw to achieve denial of service on a connected client. | ||||
| CVE-2015-7556 | 1 Delegate | 1 Delegate | 2024-11-21 | 7.8 High |
| DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program. | ||||
| CVE-2015-7542 | 3 Aquamaniac, Debian, Opensuse | 3 Gwenhywfar, Debian Linux, Leap | 2024-11-21 | 5.3 Medium |
| A vulnerability exists in libgwenhywfar through 4.12.0 due to the usage of outdated bundled CA certificates. | ||||
| CVE-2015-7508 | 1 Netsurf-browser | 1 Libnsbmp | 2024-11-21 | 8.8 High |
| Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file. | ||||
| CVE-2015-7507 | 1 Netsurf-browser | 1 Libnsbmp | 2024-11-21 | 7.5 High |
| libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function. | ||||
| CVE-2015-7506 | 1 Netsurf-browser | 1 Libnsgif | 2024-11-21 | 6.5 Medium |
| The gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted LZW stream in a GIF file. | ||||
| CVE-2015-7505 | 1 Netsurf-browser | 1 Libnsgif | 2024-11-21 | 8.8 High |
| Stack-based buffer overflow in the gif_next_LZW function in libnsgif.c in Libnsgif 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted LZW stream in a GIF file. | ||||
| CVE-2015-7486 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108633. | ||||
| CVE-2015-7485 | 1 Ibm | 1 Rational Engineering Lifecycle Manager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2 iFix15, and 6.0 before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108626. | ||||