|
212371
|
- |
|
mass_contact_project
|
mass_contact
|
Cross-site scripting (XSS) vulnerability in the Mass Contact module 6.x-1.x before 6.x-1.6 and 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users with the "administer mass contact" p…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6807
|
2024-11-21 11:35 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212372
|
- |
|
google
|
chrome
|
Google Chrome before 45.0.2454.85 does not display a location bar for a hosted app's window after navigation away from the installation site, which might make it easier for remote attackers to spoof …
|
CWE-254
7PK - Security Features
|
CVE-2015-6583
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212373
|
- |
|
google
|
chrome
|
The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote a…
|
CWE-254
7PK - Security Features
|
CVE-2015-6582
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212374
|
- |
|
google
|
chrome
|
Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 45.0.2454.85, allows remote attackers to…
|
NVD-CWE-Other
|
CVE-2015-6581
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212375
|
- |
|
google
|
v8
chrome
|
Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before 45.0.2454.85, allow attackers to cause a denial of service or possibly have other impact via unkno…
|
NVD-CWE-noinfo
|
CVE-2015-6580
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212376
|
- |
|
webgroupmedia
|
cerb
|
Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account …
|
CWE-352
Origin Validation Error
|
CVE-2015-6545
|
2024-11-21 11:35 |
2015-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212377
|
- |
|
xen
|
xen
|
The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not limit the number of printk console messages when reporting a failure to retrieve a reference on a for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6654
|
2024-11-21 11:35 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212378
|
- |
|
bestpractical
|
request_tracker
|
Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) before 4.2.12 allows remote attackers to inject arbitrary web script or HTML via a crafted public key.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6506
|
2024-11-21 11:35 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212379
|
- |
|
medhabidotcom
|
mdc_private_message
|
Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the message field in a priv…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6805
|
2024-11-21 11:35 |
2015-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212380
|
- |
|
openafs
debian
|
openafs
debian_linux
|
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted regular expression in a VL_ListAttributesN2 RPC.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6587
|
2024-11-21 11:35 |
2015-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
