|
271051
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier …
|
CWE-20
Improper Input Validation
|
CVE-2015-2917
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271052
|
- |
|
securifi
|
almond-2015_firmware
almond_firmware
|
Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote attackers t…
|
CWE-352
Origin Validation Error
|
CVE-2015-2916
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271053
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote …
|
CWE-255
Credentials Management
|
CVE-2015-2915
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271054
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf o…
|
NVD-CWE-Other
|
CVE-2015-2914
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271055
|
- |
|
retrospect
|
retrospect_client
retrospect
|
Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attacker…
|
CWE-255
Credentials Management
|
CVE-2015-2864
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271056
|
- |
|
spice_project
redhat
|
spice
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_hpc_node
|
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or…
|
CWE-119
CWE-362
Incorrect Access of Indexable Resource ('Range Error')
Race Condition
|
CVE-2015-3247
|
2024-11-21 11:28 |
2015-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271057
|
- |
|
openstack
|
nova
|
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of …
|
CWE-399
Resource Management Errors
|
CVE-2015-3241
|
2024-11-21 11:28 |
2015-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271058
|
- |
|
lemon-s_php
|
twit_bbs
|
Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2989
|
2024-11-21 11:28 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271059
|
- |
|
rakuto
|
rktsns2
|
Cross-site scripting (XSS) vulnerability in rakuto.net hitSuji (rktSNS2) 0.2.2b allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2986
|
2024-11-21 11:28 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271060
|
- |
|
guide-park
|
bbs_x102
|
Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2985
|
2024-11-21 11:28 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
