|
271221
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote …
|
CWE-255
Credentials Management
|
CVE-2015-2915
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271222
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf o…
|
NVD-CWE-Other
|
CVE-2015-2914
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271223
|
- |
|
retrospect
|
retrospect_client
retrospect
|
Retrospect and Retrospect Client before 10.0.2.119 on Windows, before 12.0.2.116 on OS X, and before 10.0.2.104 on Linux improperly generate password hashes, which makes it easier for remote attacker…
|
CWE-255
Credentials Management
|
CVE-2015-2864
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271224
|
- |
|
spice_project
redhat
|
spice
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_hpc_node
|
Race condition in the worker_update_monitors_config function in SPICE 0.12.4 allows a remote authenticated guest user to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or…
|
CWE-119
CWE-362
Incorrect Access of Indexable Resource ('Range Error')
Race Condition
|
CVE-2015-3247
|
2024-11-21 11:28 |
2015-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271225
|
- |
|
openstack
|
nova
|
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of …
|
CWE-399
Resource Management Errors
|
CVE-2015-3241
|
2024-11-21 11:28 |
2015-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271226
|
- |
|
lemon-s_php
|
twit_bbs
|
Cross-site scripting (XSS) vulnerability in index.php in LEMON-S PHP Twit BBS allows remote attackers to inject arbitrary web script or HTML via the imagetitle parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2989
|
2024-11-21 11:28 |
2015-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271227
|
- |
|
rakuto
|
rktsns2
|
Cross-site scripting (XSS) vulnerability in rakuto.net hitSuji (rktSNS2) 0.2.2b allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2986
|
2024-11-21 11:28 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271228
|
- |
|
guide-park
|
bbs_x102
|
Cross-site scripting (XSS) vulnerability in guide-park.com BBS X102 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-2985
|
2024-11-21 11:28 |
2015-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271229
|
- |
|
nscripter_project
|
nscripter
|
Buffer overflow in NScripter before 3.00 allows remote attackers to execute arbitrary code via crafted save data.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2991
|
2024-11-21 11:28 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271230
|
- |
|
neojapan
|
desknet_neo
|
Directory traversal vulnerability in zhtml.cgi in NEOJAPAN desknet NEO 2.0R1.0 through 2.5R1.4 allows remote authenticated users to read arbitrary files via a crafted parameter.
|
CWE-22
Path Traversal
|
CVE-2015-2990
|
2024-11-21 11:28 |
2015-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
