|
277521
|
- |
|
sensiolabs
|
symfony
|
FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if …
|
CWE-284
Improper Access Control
|
CVE-2015-4050
|
2024-11-21 11:30 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277522
|
- |
|
djangoproject
|
django
|
The session.flush function in the cached_db backend in Django 1.8.x before 1.8.2 does not properly flush the session, which allows remote attackers to hijack user sessions via an empty string in the …
|
NVD-CWE-Other
|
CVE-2015-3982
|
2024-11-21 11:30 |
2015-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277523
|
- |
|
ids
|
nc854
nc856
|
Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows remote authenticated users to read arbitrary files via unspecified vectors involving an internal web s…
|
CWE-22
Path Traversal
|
CVE-2015-3939
|
2024-11-21 11:30 |
2015-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277524
|
- |
|
blue_coat
|
ssl_visibility_appliance_sv1800_firmware
ssl_visibility_appliance_sv800_firmware
ssl_visibility_appliance_sv3800_firmware
ssl_visibility_appliance_sv2800_firmware
|
The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the administ…
|
CWE-200
Information Exposure
|
CVE-2015-4138
|
2024-11-21 11:30 |
2015-05-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277525
|
- |
|
arcserve
|
arcserve_unified_data_protection
|
The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive credentials via a crafted SOAP request to the (1) getBackupPolicy or (2) getBackupPolic…
|
CWE-200
Information Exposure
|
CVE-2015-4069
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277526
|
- |
|
dell
|
netvault_backup
|
Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers to execute arbitrary code via crafted template string specifiers in a serialized object, which trig…
|
CWE-189
Numeric Errors
|
CVE-2015-4067
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277527
|
- |
|
wavelink
|
connectpro
|
Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) service in Wavelink ConnectPro allows remote attackers to execute arbitrary code via a large HTTP header.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4060
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277528
|
- |
|
wavelink
|
terminal_emulation
|
Heap-based buffer overflow in the License Server (LicenseServer.exe) in Wavelink Terminal Emulation (TE) allows remote attackers to execute arbitrary code via a large HTTP header.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4059
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277529
|
- |
|
ipsec-tools
canonical
fedoraproject
f5
debian
|
ipsec-tools
ubuntu_linux
fedora
big-ip_application_acceleration_manager
big-ip_local_traffic_manager
big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_access_policy_manage…
|
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-4047
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277530
|
- |
|
visual_mining
|
netcharts_server
|
projectContents.jsp in the Developer tools in Visual Mining NetCharts Server allows remote attackers to rename arbitrary files, and consequently execute them, via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4032
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
