|
270221
|
- |
|
oracle
rubygems
|
solaris
rubygems
|
RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests t…
|
CWE-20
Improper Input Validation
|
CVE-2015-4020
|
2024-11-21 11:30 |
2015-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270222
|
- |
|
cisco
|
prime_infrastructure
|
Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows remote authenticated users to bypass intended access restrictions via a username with a modified composi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4331
|
2024-11-21 11:30 |
2015-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270223
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528.
|
CWE-399
Resource Management Errors
|
CVE-2015-4318
|
2024-11-21 11:30 |
2015-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270224
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID …
|
CWE-20
Improper Input Validation
|
CVE-2015-4329
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270225
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA) Software 9.3(1.50), 9.3(2.100), 9.3(3), and 9.4(1) mishandles cases where an IP address belongs to…
|
CWE-20
Improper Input Validation
|
CVE-2015-4321
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270226
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
The password-change feature in the administrative web interface in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 improperly performs authorization, which allows remote authent…
|
CWE-255
Credentials Management
|
CVE-2015-4319
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270227
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly validates the phone line used for registration, whic…
|
CWE-20
Improper Input Validation
|
CVE-2015-4316
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270228
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary commands in the context of the nobody user account via an unspecified web-page parame…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4303
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270229
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user account's read-only attribute, which allows remote authenticated users to execute arbitrary OS comma…
|
CWE-20
Improper Input Validation
|
CVE-2015-4328
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270230
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to obtain root privileges by writing script arguments to an unspecified file, aka Bug ID CSCuv12542.
|
CWE-20
Improper Input Validation
|
CVE-2015-4327
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
