Search Results | AttackerKB

Show filters

Topics 180 Users 9,730

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

180 Total Results

Displaying 141-150 of 180

Attacker Value

Unknown

CVE-2015-7032

Disclosure Date: October 18, 2015 (last updated October 05, 2023)

The Apple iWork application before 2.6 for iOS, Apple Keynote before 6.6, Apple Pages before 5.6, and Apple Numbers before 3.6 allow remote attackers to obtain sensitive information via a crafted document.

0

Attacker Value

Unknown

CVE-2015-7034

Disclosure Date: October 18, 2015 (last updated October 05, 2023)

The Apple iWork application before 2.6 for iOS and Apple Pages before 5.6 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted Pages document.

0

Attacker Value

Unknown

CVE-2015-0145

Disclosure Date: October 03, 2015 (last updated October 05, 2023)

Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

0

Attacker Value

Unknown

CVE-2015-0143

Disclosure Date: October 03, 2015 (last updated October 05, 2023)

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to obtain sensitive information by reading error messages.

0

Attacker Value

Unknown

CVE-2015-0141

Disclosure Date: October 03, 2015 (last updated October 05, 2023)

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to modify arbitrary user filters via a JSON request.

0

Attacker Value

Unknown

CVE-2014-8916

Disclosure Date: October 03, 2015 (last updated October 05, 2023)

Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0144.

0

Attacker Value

Unknown

CVE-2015-0142

Disclosure Date: October 03, 2015 (last updated October 05, 2023)

IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to cause a denial of service (maintenance-mode transition and data-storage outage) by calling the System Administration Mode function.

0

Attacker Value

Unknown

CVE-2015-0144

Disclosure Date: October 03, 2015 (last updated October 05, 2023)

Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8916.

0

Attacker Value

Unknown

CVE-2015-3784

Disclosure Date: August 16, 2015 (last updated October 05, 2023)

Office Viewer in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

0

Attacker Value

Unknown

CVE-2015-4065

Disclosure Date: May 27, 2015 (last updated October 05, 2023)

Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the post parameter to wp-admin/post-new.php.

0