|
274751
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across different customers' installations, which makes it easier for local users to defeat cryptographic protecti…
|
CWE-200
Information Exposure
|
CVE-2015-6414
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274752
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiti…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6413
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274753
|
- |
|
cisco
|
emergency_responder
|
Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locations via a crafted parameter, aka Bug ID CSCuv25501.
|
CWE-20
Improper Input Validation
|
CVE-2015-6407
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274754
|
- |
|
cisco
|
emergency_responder
|
Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) allows remote authenticated users to write to arbitrary files via a crafted filename, aka Bug ID CSCuv…
|
CWE-22
Path Traversal
|
CVE-2015-6406
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274755
|
- |
|
cisco
|
emergency_responder
|
Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv26501.
|
CWE-352
Origin Validation Error
|
CVE-2015-6405
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274756
|
- |
|
cisco
|
emergency_responder
|
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 10.5(1a) allow remote attackers to inject arbitrary web script or HTML via unspecified fields, aka Bug ID CSCuv25547.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6400
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274757
|
- |
|
cisco
|
prime_collaboration_assurance
|
Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account'…
|
CWE-287
Improper Authentication
|
CVE-2015-6389
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274758
|
- |
|
cisco
|
dpc3939_wireless_residential_voice_gateway_firmware
|
The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows remote authenticated users to execute arbitrary commands via unspecified fields, aka Bug ID CSCuw8617…
|
CWE-20
Improper Input Validation
|
CVE-2015-6361
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274759
|
- |
|
cisco
|
firesight_system_software
|
Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote authenticated users to read arbitrary files via a crafted GET request, aka Bug ID CSCur25410.
|
CWE-200
Information Exposure
|
CVE-2015-6419
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274760
|
- |
|
cisco
|
unified_computing_system
|
Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote attackers to cause a denial of service (CPU consumption or device outage) via a SYN flood on the SSH po…
|
CWE-399
Resource Management Errors
|
CVE-2015-6415
|
2024-11-21 11:34 |
2015-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
