|
277931
|
- |
|
janitza
|
umg_511
umg_509
umg_508
umg_604
umg_605
|
The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which makes it easier for remote attackers to read or write to files via a session on TCP port 21.
|
CWE-255
Credentials Management
|
CVE-2015-3968
|
2024-11-21 11:30 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277932
|
- |
|
janitza
|
umg_511
umg_509
umg_508
umg_604
umg_605
|
Cross-site request forgery (CSRF) vulnerability on Janitza UMG 508, 509, 511, 604, and 605 devices allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-3967
|
2024-11-21 11:30 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277933
|
- |
|
afnetworking_project
|
afnetworking
|
The default AFSecurityPolicy.validatesDomainName configuration for AFSSLPinningModeNone in the AFNetworking framework before 2.5.3, as used in the ownCloud iOS Library, disables verification of a ser…
|
CWE-254
7PK - Security Features
|
CVE-2015-3996
|
2024-11-21 11:30 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277934
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4325
|
2024-11-21 11:30 |
2015-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277935
|
- |
|
cisco
|
ucs_b-series_blade_server_software
|
Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows local users to cause a denial of service (host OS or BMC hang) by sending crafted packets over the Inter-IC (I2C…
|
CWE-399
Resource Management Errors
|
CVE-2015-4265
|
2024-11-21 11:30 |
2015-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277936
|
- |
|
google
|
android
|
Media Player Framework in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bug 23223325.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3879
|
2024-11-21 11:30 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277937
|
- |
|
google
|
android
|
Media Projection in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to bypass an intended screen-recording warning feature and obtain sensitive screen-snapshot information …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3878
|
2024-11-21 11:30 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277938
|
- |
|
google
|
android
|
Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20723696.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3877
|
2024-11-21 11:30 |
2015-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277939
|
- |
|
mitsubishi_electric
|
melsec_fx3g
|
The HTTP application on Mitsubishi Electric MELSEC FX3G PLC devices before April 2015 allows remote attackers to cause a denial of service (device outage) via a long parameter.
|
CWE-399
Resource Management Errors
|
CVE-2015-3938
|
2024-11-21 11:30 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277940
|
- |
|
easyio
|
easyio-30p-sf_firmware
easyio-30p-sf
|
EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x before 2.0.5.21, as used in Accutrol, Bar-Tech Automation, Infocon/EasyIO, Honeywell Automation India, Johnson Controls, SyxthSENS…
|
CWE-255
Credentials Management
|
CVE-2015-3974
|
2024-11-21 11:30 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
