|
278101
|
5.4 |
MEDIUM
Network
|
eidogo
|
eidogo
|
EidoGo is susceptible to Cross-Site Scripting (XSS) attacks via maliciously crafted SGF input.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3172
|
2024-11-21 11:28 |
2022-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278102
|
6.5 |
MEDIUM
Network
|
juniper
|
junos
|
On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys o…
|
CWE-331
Insufficient Entropy
|
CVE-2015-3006
|
2024-11-21 11:28 |
2020-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278103
|
6.1 |
MEDIUM
Network
|
apache
|
struts
|
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2992
|
2024-11-21 11:28 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278104
|
6.5 |
MEDIUM
Adjacent
|
freebsd
|
freebsd
|
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advert…
|
CWE-20
Improper Input Validation
|
CVE-2015-2923
|
2024-11-21 11:28 |
2020-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278105
|
9.8 |
CRITICAL
Network
|
netvu
|
dv-ip_express_firmware
sd-advanced_-_sdhd_firmware
sd-advanced_8\/12\/16_vga_firmware
sd_advanced_closed_iptv_\(m3u\)_firmware
sd_advanced_non_closed_iptv_\(m3u\)_firmware
sd_advanced_…
|
Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the administrator configures login credentials, which makes it easier for remote a…
|
CWE-269
Improper Privilege Management
|
CVE-2015-2909
|
2024-11-21 11:28 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278106
|
7.5 |
HIGH
Network
|
hp
|
asset_manager
asset_manager_cloudsystem_chargeback
sitescope
|
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem …
|
CWE-200
Information Exposure
|
CVE-2015-2802
|
2024-11-21 11:28 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278107
|
6.1 |
MEDIUM
Network
|
zend
|
zend_framework
|
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct H…
|
CWE-74
Injection
|
CVE-2015-3154
|
2024-11-21 11:28 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278108
|
7.5 |
HIGH
Network
|
torproject
|
tor
|
The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and app…
|
NVD-CWE-noinfo
|
CVE-2015-2929
|
2024-11-21 11:28 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278109
|
7.5 |
HIGH
Network
|
torproject
|
tor
|
The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and d…
|
NVD-CWE-noinfo
|
CVE-2015-2928
|
2024-11-21 11:28 |
2020-01-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
278110
|
9.8 |
CRITICAL
Network
|
papercrop_project
|
papercrop
|
The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.
|
CWE-20
Improper Input Validation
|
CVE-2015-2784
|
2024-11-21 11:28 |
2020-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
