|
270241
|
- |
|
cisco
|
edge_bluebird_operating_system
|
The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka …
|
CWE-200
Information Exposure
|
CVE-2015-4308
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270242
|
- |
|
cisco
|
nx-os
|
Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225.
|
CWE-399
Resource Management Errors
|
CVE-2015-4301
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270243
|
- |
|
cisco
|
unified_web_and_e-mail_interaction_manager
|
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which allows remote authenticated users to remove default messaging-queue system folders via unspecified vec…
|
CWE-284
Improper Access Control
|
CVE-2015-4299
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270244
|
- |
|
cisco
|
unified_web_and_e-mail_interaction_manager
|
Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorization, which allows remote authenticated users to read or write to stored data via unspecified vectors,…
|
CWE-284
Improper Access Control
|
CVE-2015-4298
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270245
|
- |
|
cisco
|
firesight_system_software
|
The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows remote attackers to delete arbitrary system policies via modified parameters in a POST request, aka Bug ID CSCuu25390.
|
CWE-284
Improper Access Control
|
CVE-2015-4302
|
2024-11-21 11:30 |
2015-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270246
|
- |
|
cisco
|
webex_node_for_mcs
|
Open redirect vulnerability in Cisco WebEx Node for Media Convergence Server (MCS) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via crafted HTTP reque…
|
NVD-CWE-Other
|
CVE-2015-4297
|
2024-11-21 11:30 |
2015-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270247
|
- |
|
netgate
|
pfsense
|
Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attackers to inject arbitrary web script or HTML via the zone parameter in a del action to services_captiv…
|
CWE-79
Cross-site Scripting
|
CVE-2015-4029
|
2024-11-21 11:30 |
2015-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270248
|
- |
|
redhat
|
ansible
|
Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle …
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2015-3908
|
2024-11-21 11:30 |
2015-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270249
|
- |
|
debian
linux
canonical
|
debian_linux
linux_kernel
ubuntu_linux
|
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data represen…
|
CWE-189
Numeric Errors
|
CVE-2015-4167
|
2024-11-21 11:30 |
2015-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270250
|
- |
|
windriver
|
vxworks
|
Wind River VxWorks before 5.5.1, 6.5.x through 6.7.x before 6.7.1.1, 6.8.x before 6.8.3, 6.9.x before 6.9.4.4, and 7.x before 7 ipnet_coreip 1.2.2.0, as used on Schneider Electric SAGE RTU devices be…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2015-3963
|
2024-11-21 11:30 |
2015-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
