|
270141
|
- |
|
xceedium
|
xsuite
|
Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4665
|
2024-11-21 11:31 |
2015-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270142
|
- |
|
cacti
|
cacti
|
SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute arbitrary SQL commands via the local_graph_id parameter.
|
CWE-89
SQL Injection
|
CVE-2015-4634
|
2024-11-21 11:31 |
2015-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270143
|
- |
|
mozilla
|
firefox_os
|
Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system message, which allows attackers to obtain potentially sensitive information via a crafted app.
|
CWE-200
Information Exposure
|
CVE-2015-4494
|
2024-11-21 11:31 |
2015-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270144
|
- |
|
timedoctor
|
timedoctor
|
The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer files that are retrieved without use of SSL, which makes it easier for man-in-the-middle attackers to …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2015-4674
|
2024-11-21 11:31 |
2015-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270145
|
- |
|
linux
|
linux_kernel
|
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have…
|
NVD-CWE-Other
|
CVE-2015-4692
|
2024-11-21 11:31 |
2015-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270146
|
- |
|
emc
|
avamar_server_virtual_edition
avamar_server
|
Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition (AVE) 7.x before 7.1.2 allows remote attackers to read arbitrary files by using the Avamar Desktop/…
|
CWE-200
Information Exposure
|
CVE-2015-4527
|
2024-11-21 11:31 |
2015-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270147
|
- |
|
debian
wireshark
|
debian_linux
wireshark
|
epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service…
|
CWE-20
Improper Input Validation
|
CVE-2015-4652
|
2024-11-21 11:31 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270148
|
- |
|
wireshark
debian
oracle
|
wireshark
debian_linux
solaris
|
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available…
|
CWE-399
Resource Management Errors
|
CVE-2015-4651
|
2024-11-21 11:31 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270149
|
- |
|
tibco
|
spotfire_deployment_kit
spotfire_professional
spotfire_web_player
spotfire_desktop
spotfire_desktop_language_packs
spotfire_automation_services
spotfire_analyst
silver_fabric_ena…
|
Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire…
|
NVD-CWE-noinfo
|
CVE-2015-4554
|
2024-11-21 11:31 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270150
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, w…
|
CWE-310
Cryptographic Issues
|
CVE-2015-4458
|
2024-11-21 11:31 |
2015-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
