|
274871
|
- |
|
windriver
|
vxworks
|
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices be…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2015-3963
|
2024-11-21 11:30 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274872
|
- |
|
garrettcom
|
magnum_6k_firmware
magnum_10k_firmware
|
The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service (memory corruption and reboot) via a…
|
CWE-399
Resource Management Errors
|
CVE-2015-3961
|
2024-11-21 11:30 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274873
|
- |
|
garrettcom
|
magnum_6k_firmware
magnum_10k_firmware
|
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easi…
|
CWE-310
Cryptographic Issues
|
CVE-2015-3960
|
2024-11-21 11:30 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274874
|
- |
|
garrettcom
|
magnum_6k_firmware
magnum_10k_firmware
|
The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches has a hardcoded serial-console password for a privileged account, which might allow physically proximate attack…
|
NVD-CWE-Other
|
CVE-2015-3959
|
2024-11-21 11:30 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274875
|
- |
|
garrettcom
|
magnum_6k_firmware
magnum_10k_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3942
|
2024-11-21 11:30 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274876
|
- |
|
schneider-electric
|
wonderware_system_platform_2014
|
Untrusted search path vulnerability in Schneider Electric Wonderware System Platform before 2014 R2 Patch 01 allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-22
Path Traversal
|
CVE-2015-3940
|
2024-11-21 11:30 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274877
|
- |
|
cisco
|
unified_communications_manager
|
The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5(3.10000.9) allows remote authenticated users to discover root credentials via a direct request to an unspecif…
|
CWE-200
Information Exposure
|
CVE-2015-4295
|
2024-11-21 11:30 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274878
|
- |
|
cisco
|
unified_communications_manager_im_and_presence_service
|
Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows remote attackers to inject arbitrary web script or HTML by constructing a crafted URL that leverages i…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4294
|
2024-11-21 11:30 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274879
|
- |
|
cisco
|
prime_central_for_hosted_collaboration_solution_assurance
|
Cross-site scripting (XSS) vulnerability in the management interface in Cisco Prime Central for Hosted Collaboration Solution (PC4HCS) 10.6(2) allows remote attackers to inject arbitrary web script o…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4292
|
2024-11-21 11:30 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274880
|
- |
|
cisco
|
ios_xe
|
Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to cause a denial of service (Embedded Services Processor crash) via a crafted series of fragmented (1…
|
CWE-399
Resource Management Errors
|
CVE-2015-4291
|
2024-11-21 11:30 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
