|
266841
|
6.1 |
MEDIUM
Network
|
ibm
|
business_process_manager
|
Cross-site scripting (XSS) vulnerability in Process Portal in IBM Business Process Manager 8.5.0.x through 8.5.0.2, 8.5.5.x through 8.5.5.0, and 8.5.6.x through 8.5.6.2 allows remote attackers to inj…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8524
|
2024-11-21 11:38 |
2016-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266842
|
9.8 |
CRITICAL
Network
|
flexerasoftware
|
flexnet_publisher
|
Multiple buffer overflows in (1) lmgrd and (2) Vendor Daemon in Flexera FlexNet Publisher before 11.13.1.2 Security Update 1 allow remote attackers to execute arbitrary code via a crafted packet with…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8277
|
2024-11-21 11:38 |
2016-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266843
|
9.1 |
CRITICAL
Network
|
symantec
|
encryption_management_server
|
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access.
|
CWE-78
OS Command
|
CVE-2015-8151
|
2024-11-21 11:38 |
2016-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266844
|
7.8 |
HIGH
Local
|
symantec
|
encryption_management_server
|
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8150
|
2024-11-21 11:38 |
2016-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266845
|
7.5 |
HIGH
Network
|
symantec
|
encryption_management_server
|
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted request…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8149
|
2024-11-21 11:38 |
2016-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266846
|
7.5 |
HIGH
Network
|
symantec
|
encryption_management_server
|
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request.
|
CWE-200
Information Exposure
|
CVE-2015-8148
|
2024-11-21 11:38 |
2016-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266847
|
5.3 |
MEDIUM
Network
|
swann
|
swnvw-470cam_firmware
srnvw-470lcd_firmware
|
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL.
|
NVD-CWE-Other
|
CVE-2015-8287
|
2024-11-21 11:38 |
2016-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266848
|
9.8 |
CRITICAL
Network
|
zhuhai
|
raysharp_firmware
|
Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000.
|
CWE-254
7PK - Security Features
|
CVE-2015-8286
|
2024-11-21 11:38 |
2016-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266849
|
6.5 |
MEDIUM
Network
|
cybozu
|
office
|
customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a denial of service (excessive database locking) via a crafted CSV file, a different vulnerability than CVE-…
|
CWE-20
Improper Input Validation
|
CVE-2015-8489
|
2024-11-21 11:38 |
2016-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266850
|
4.3 |
MEDIUM
Network
|
cybozu
|
office
|
Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message, a different vulnerability than CVE-2015-8487.
|
CWE-200
Information Exposure
|
CVE-2015-8488
|
2024-11-21 11:38 |
2016-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
