|
269401
|
- |
|
wordpress
debian
|
wordpress
debian_linux
|
Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users to inject arbitrary web script or HTML by leveraging the Author or Contributor role to place a cra…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5622
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269402
|
- |
|
openbsd
|
openssh
|
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it ea…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5600
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269403
|
- |
|
siemens
|
ruggedcom_rugged_operating_system
ruggedcom_rox_ii_firmware
|
The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properly implement CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext …
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2015-5537
|
2024-11-21 11:33 |
2015-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269404
|
- |
|
chiyutw
|
bf-630
bf-630w
|
Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authentication and (1) read or (2) modify (a) Voice Time Set configuration settings via a request to voice…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5618
|
2024-11-21 11:33 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269405
|
- |
|
isc
|
bind
|
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
|
CWE-19
Data Processing Errors
|
CVE-2015-5477
|
2024-11-21 11:33 |
2015-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269406
|
- |
|
google
opensuse
|
chrome
opensuse
|
The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mishandles interrupts, which allows remote attackers to cause a denial of service (application crash)…
|
CWE-17
Code
|
CVE-2015-5605
|
2024-11-21 11:33 |
2015-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269407
|
- |
|
gemalto
|
safenet_luna_pci-e
safenet_luna_sa
safenet_luna_g5
|
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restrictions by leveraging (1) crypto-user or (2) crypto-officer access to an HSM partition.
|
CWE-284
Improper Access Control
|
CVE-2015-5464
|
2024-11-21 11:33 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269408
|
- |
|
fca
|
uconnect
|
Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles (FCA) from 2013 to 2015 models, allows remote attackers in the same cellular network to control vehi…
|
NVD-CWE-noinfo
|
CVE-2015-5611
|
2024-11-21 11:33 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269409
|
- |
|
solarwinds
|
n-able_n-central
|
The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote …
|
CWE-200
Information Exposure
|
CVE-2015-5610
|
2024-11-21 11:33 |
2015-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269410
|
- |
|
freereprintables
|
articlefr
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remote attackers to hijack the authentication of administrators for requests that add an administ…
|
CWE-352
Origin Validation Error
|
CVE-2015-5530
|
2024-11-21 11:33 |
2015-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
