|
212671
|
- |
|
sap
|
hana
|
The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vector…
|
CWE-200
Information Exposure
|
CVE-2015-7991
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212672
|
- |
|
sap
|
hana
|
SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopyd…
|
CWE-20
Improper Input Validation
|
CVE-2015-7828
|
2024-11-21 11:37 |
2015-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212673
|
- |
|
echo_project
|
echo
|
The Echo extension for MediWiki does not properly implement the hideuser functionality, which allows remote authenticated users to see hidden usernames in "non-revision based" notifications, as demon…
|
CWE-200
Information Exposure
|
CVE-2015-8007
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212674
|
- |
|
pagetriage_project
|
pagetriage
|
Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension for MediWiki allows remote attackers to inject arbitrary web script or HTML via the page title.
|
CWE-79
Cross-site Scripting
|
CVE-2015-8006
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212675
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail ImageMagick command line argument, which allows remote attackers to obtain the installation path by reading…
|
CWE-200
Information Exposure
|
CVE-2015-8005
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212676
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8004
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212677
|
- |
|
mediawiki
|
mediawiki
|
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not throttle file uploads, which allows remote authenticated users to have unspecified impact via multiple file uploads.
|
CWE-399
Resource Management Errors
|
CVE-2015-8003
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212678
|
- |
|
mediawiki
|
mediawiki
|
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 allows remote authenticated users to cause a denial of service (disk consumption) via a …
|
CWE-399
Resource Management Errors
|
CVE-2015-8002
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212679
|
- |
|
mediawiki
|
mediawiki
|
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not restrict the uploaded data to the claimed file size, which allows remote authen…
|
CWE-284
Improper Access Control
|
CVE-2015-8001
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212680
|
- |
|
w1.fi
opensuse
|
wpa_supplicant
opensuse
hostapd
|
Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a denial of service (process crash or infinite loop) via a lar…
|
CWE-189
Numeric Errors
|
CVE-2015-8041
|
2024-11-21 11:37 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
