|
267991
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a linear algorithm for selecting the ID value in the header of a DNS que…
|
NVD-CWE-Other
|
CVE-2015-7296
|
2024-11-21 11:36 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267992
|
- |
|
boxoft
|
boxoft_wav_to_mp3_converter
|
Buffer overflow in Boxoft WAV to MP3 Converter allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted WAV file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7243
|
2024-11-21 11:36 |
2015-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267993
|
- |
|
sap
|
netweaver_j2ee_engine
|
SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-7239
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267994
|
- |
|
mcafee
|
threat_intelligence_exchange
|
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sen…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7238
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267995
|
- |
|
mcafee
|
mcafee_agent
|
Directory traversal vulnerability in the remote log viewing functionality in McAfee Agent (MA) 5.x before 5.0.2 allows remote attackers to obtain sensitive information via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2015-7237
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267996
|
- |
|
cp_reservation_calender_project
|
cp_reservation_calender
|
Multiple SQL injection vulnerabilities in dex_reservations.php in the CP Reservation Calendar plugin before 1.1.7 for WordPress allow remote attackers to execute arbitrary SQL commands via the (1) id…
|
CWE-89
SQL Injection
|
CVE-2015-7235
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267997
|
- |
|
structured_dynamics
|
open_semantic_framework
|
The OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology and OSF Import modules are enabled, allows user-assisted remote attackers to delete arbitrary files via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-7234
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267998
|
- |
|
structured_dynamics
|
open_semantic_framework
|
Cross-site request forgery (CSRF) vulnerability in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Import module is enabled, allows remote attackers to hijack the authentication of adm…
|
CWE-352
Origin Validation Error
|
CVE-2015-7233
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267999
|
- |
|
structured_dynamics
|
open_semantic_framework
|
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the OSF module 7.x-3.x before 7.x-3.1 for Drupal, when the OSF Ontology module is enabled, allows remote attackers to i…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7232
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268000
|
- |
|
drupalcommerce
|
commerce_commonwealth
|
The Commerce Commonwealth (CBA) module 7.x-1.x before 7.x-1.5 for Drupal does not properly validate payments, which allows remote attackers to make a failed payment appear valid via a crafted URL, re…
|
CWE-20
Improper Input Validation
|
CVE-2015-7231
|
2024-11-21 11:36 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
