|
269111
|
- |
|
ntt-bp
|
japan_connected-free_wi-fi
|
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtai…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5629
|
2024-11-21 11:33 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269112
|
- |
|
canon
|
pixma_mg7500_series_inkjet_printer
|
Cross-site request forgery (CSRF) vulnerability in the Remote UI on Canon PIXMA MG7500 printers allows remote attackers to hijack the authentication of administrators.
|
CWE-352
Origin Validation Error
|
CVE-2015-5631
|
2024-11-21 11:33 |
2015-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269113
|
- |
|
opendocman
|
opendocman
|
Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to inject arbitrary web script or HTML via the redirection parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5625
|
2024-11-21 11:33 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269114
|
- |
|
freebit
|
elphonebtnv6_activex_control
|
Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5624
|
2024-11-21 11:33 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269115
|
- |
|
isc
apple
|
bind
mac_os_x_server
|
buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a …
|
CWE-20
Improper Input Validation
|
CVE-2015-5722
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269116
|
- |
|
geddyjs
|
geddy
|
Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the PATH_INFO to the de…
|
CWE-22
Path Traversal
|
CVE-2015-5688
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269117
|
- |
|
octobercms
|
october
|
Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via the caption tag of a profile image.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5612
|
2024-11-21 11:33 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269118
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishield.sys drivers in Fortinet FortiClient before 5.2.4 do not properly restrict access to the API for…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5737
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269119
|
- |
|
fortinet
|
forticlient
|
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5736
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269120
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to write to arbitrary memory locations via a 0x22…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5735
|
2024-11-21 11:33 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
