|
278921
|
- |
|
extplorer
|
extplorer
|
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0896
|
2024-11-21 11:23 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278922
|
- |
|
cisco
|
content_services_switch_11500_firmware
|
The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted …
|
CWE-284
Improper Access Control
|
CVE-2015-0667
|
2024-11-21 11:23 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278923
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted m…
|
CWE-20
Improper Input Validation
|
CVE-2015-0664
|
2024-11-21 11:23 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278924
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.
|
CWE-22
Path Traversal
|
CVE-2015-0665
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278925
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0663
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278926
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0662
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278927
|
- |
|
fedoraproject
suse
opensuse
|
fedora
opensuse_osc
opensuse
|
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
|
CWE-77
Command Injection
|
CVE-2015-0778
|
2024-11-21 11:23 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278928
|
- |
|
cisco
|
telepresence_server_software
|
Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller admini…
|
CWE-284
Improper Access Control
|
CVE-2015-0660
|
2024-11-21 11:23 |
2015-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278929
|
- |
|
cisco
|
intrusion_prevention_system
|
Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of servic…
|
CWE-362
Race Condition
|
CVE-2015-0654
|
2024-11-21 11:23 |
2015-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278930
|
- |
|
cisco
|
expressway_software
telepresence_conductor
telepresence_video_communication_server_software
|
The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2…
|
CWE-287
Improper Authentication
|
CVE-2015-0653
|
2024-11-21 11:23 |
2015-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
