|
270991
|
7.5 |
HIGH
Network
|
redhat
|
virtio-win
|
The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service (guest crash) via a crafted length value in an IP packet, as demonstrated by a value that does not account for th…
|
CWE-20
Improper Input Validation
|
CVE-2015-3215
|
2024-11-21 11:28 |
2017-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270992
|
4.7 |
MEDIUM
Local
|
redhat
|
automatic_bug_reporting_tool
|
The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain sensi…
|
CWE-200
Information Exposure
|
CVE-2015-3142
|
2024-11-21 11:28 |
2017-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270993
|
7.5 |
HIGH
Network
|
tlslite_project
|
tlslite
|
The tlslite library before 0.4.9 for Python allows remote attackers to trigger a denial of service (runtime exception and process crash).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3220
|
2024-11-21 11:28 |
2017-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270994
|
7.5 |
HIGH
Network
|
huawei
|
s5700_firmware
s5300_firmware
s6300_firmware
s6700_firmware
s7700_firmware
s9300_firmware
s9700_firmware
|
The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remo…
|
CWE-287
Improper Authentication
|
CVE-2015-2800
|
2024-11-21 11:28 |
2017-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270995
|
6.1 |
MEDIUM
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cloud_foundry_uaa
cf-release
|
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the UAA logout link is susceptible to an op…
|
CWE-601
Open Redirect
|
CVE-2015-3190
|
2024-11-21 11:28 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270996
|
8.8 |
HIGH
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cloud_foundry_uaa
cf-release
|
With Cloud Foundry Runtime cf-release versions v209 or earlier, UAA Standalone versions 2.2.6 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier the change_email form in UAA is vulnerable …
|
CWE-352
Origin Validation Error
|
CVE-2015-3191
|
2024-11-21 11:28 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270997
|
3.7 |
LOW
Network
|
pivotal_software
cloudfoundry
|
cloud_foundry_elastic_runtime
cloud_foundry_uaa
cf-release
|
With Cloud Foundry Runtime cf-release versions v208 or earlier, UAA Standalone versions 2.2.5 or earlier and Pivotal Cloud Foundry Runtime 1.4.5 or earlier, old Password Reset Links are not expired a…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2015-3189
|
2024-11-21 11:28 |
2017-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270998
|
9.1 |
CRITICAL
Network
|
grabacr.net
|
kancolleviewer
|
KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic.
|
CWE-441
Confused Deputy
|
CVE-2015-2947
|
2024-11-21 11:28 |
2017-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270999
|
8.8 |
HIGH
Network
|
summerinfant
|
baby_zoom_wifi_monitor_firmware
|
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2889
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271000
|
9.8 |
CRITICAL
Network
|
summerinfant
|
baby_zoom_wifi_monitor_firmware
|
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the MySnapCam web service.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2015-2888
|
2024-11-21 11:28 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
