|
277401
|
- |
|
janitza
|
umg_511
umg_509
umg_508
umg_604
umg_605
|
Janitza UMG 508, 509, 511, 604, and 605 devices allow remote attackers to obtain sensitive network-connection information via a request to UDP port (1) 1234 or (2) 1235.
|
CWE-200
Information Exposure
|
CVE-2015-3969
|
2024-11-21 11:30 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277402
|
- |
|
janitza
|
umg_511
umg_509
umg_508
umg_604
umg_605
|
The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which makes it easier for remote attackers to read or write to files via a session on TCP port 21.
|
CWE-255
Credentials Management
|
CVE-2015-3968
|
2024-11-21 11:30 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277403
|
- |
|
janitza
|
umg_511
umg_509
umg_508
umg_604
umg_605
|
Cross-site request forgery (CSRF) vulnerability on Janitza UMG 508, 509, 511, 604, and 605 devices allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-3967
|
2024-11-21 11:30 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277404
|
- |
|
afnetworking_project
|
afnetworking
|
The default AFSecurityPolicy.validatesDomainName configuration for AFSSLPinningModeNone in the AFNetworking framework before 2.5.3, as used in the ownCloud iOS Library, disables verification of a ser…
|
CWE-254
7PK - Security Features
|
CVE-2015-3996
|
2024-11-21 11:30 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277405
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4325
|
2024-11-21 11:30 |
2015-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277406
|
- |
|
cisco
|
ucs_b-series_blade_server_software
|
Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows local users to cause a denial of service (host OS or BMC hang) by sending crafted packets over the Inter-IC (I2C…
|
CWE-399
Resource Management Errors
|
CVE-2015-4265
|
2024-11-21 11:30 |
2015-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277407
|
- |
|
google
|
android
|
Media Player Framework in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bug 23223325.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3879
|
2024-11-21 11:30 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277408
|
- |
|
google
|
android
|
Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to bypass an intended screen-recording warning feature and obtain sensitive screen-snapshot information …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3878
|
2024-11-21 11:30 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277409
|
- |
|
google
|
android
|
Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20723696.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3877
|
2024-11-21 11:30 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277410
|
- |
|
mitsubishi_electric
|
melsec_fx3g
|
The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices before April 2015 allows remote attackers to cause a denial of service (device outage) via a long parameter.
|
CWE-399
Resource Management Errors
|
CVE-2015-3938
|
2024-11-21 11:30 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
