|
272841
|
- |
|
unit4
|
teta_web
|
Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not properly restrict access to the (1) Design Mode and (2) Debug Logger mode modules, which allows remote attackers to gain privileges …
|
CWE-284
Improper Access Control
|
CVE-2015-1173
|
2024-11-21 11:24 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272842
|
- |
|
basware
|
banking
|
Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user cred…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2015-0943
|
2024-11-21 11:24 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272843
|
- |
|
gsm
|
sim_card_editor
|
Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1171
|
2024-11-21 11:24 |
2015-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272844
|
- |
|
indusoft
wonderware
|
web_studio
intouch
|
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local user…
|
CWE-200
Information Exposure
|
CVE-2015-1009
|
2024-11-21 11:24 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272845
|
- |
|
hospira
|
lifecare_pcainfusion_firmware
|
Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-1011
|
2024-11-21 11:24 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272846
|
- |
|
icsgmbh
|
pactware
|
PACTware 4.1 SP3 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers an internal error.
|
CWE-19
Data Processing Errors
|
CVE-2015-0989
|
2024-11-21 11:24 |
2015-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272847
|
- |
|
cups
|
cups
|
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1159
|
2024-11-21 11:24 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272848
|
- |
|
cups
|
cups
|
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trig…
|
CWE-254
7PK - Security Features
|
CVE-2015-1158
|
2024-11-21 11:24 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272849
|
- |
|
pearson
|
proctorcache
|
Pearson ProctorCache before 2015.1.17 uses the same hardcoded password across different customers' installations, which allows remote attackers to modify test metadata or cause a denial of service (t…
|
CWE-255
Credentials Management
|
CVE-2015-0972
|
2024-11-21 11:24 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272850
|
- |
|
moxa
|
softcms
|
Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1000
|
2024-11-21 11:24 |
2015-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
