|
273651
|
5.9 |
MEDIUM
Network
|
line
|
line
|
LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a r…
|
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
|
CVE-2015-0897
|
2024-11-21 11:23 |
2023-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273652
|
10.0 |
CRITICAL
Network
|
google
|
native_client
|
NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0565
|
2024-11-21 11:23 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273653
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software. The vulnerabilities is…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0749
|
2024-11-21 11:23 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273654
|
5.3 |
MEDIUM
Network
|
adbglobal
|
p.dga4001n_firmware
|
The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6, and possibly other routers, uses "1236790" and the MAC address to generate the WPA key.
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2015-0558
|
2024-11-21 11:23 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273655
|
7.5 |
HIGH
Network
|
monopd_project
|
monopd
|
Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.
|
CWE-193
Off-by-one Error
|
CVE-2015-0841
|
2024-11-21 11:23 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273656
|
5.9 |
MEDIUM
Network
|
gnupg
debian
|
gnupg
libgcrypt
debian_linux
|
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during mo…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2015-0837
|
2024-11-21 11:23 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273657
|
7.8 |
HIGH
Local
|
opensuse
|
open_buildservice
|
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow bu…
|
CWE-59
Link Following
|
CVE-2015-0796
|
2024-11-21 11:23 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273658
|
5.9 |
MEDIUM
Network
|
okb
|
smart_passbook
|
Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted cer…
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0874
|
2024-11-21 11:23 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273659
|
7.5 |
HIGH
Network
|
cisco
|
cloud_web_security
|
Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protection mechanisms by leveraging improper handling of HTTP methods, aka Bug ID CSCut69743.
|
CWE-119
CWE-19
Incorrect Access of Indexable Resource ('Range Error')
Data Processing Errors
|
CVE-2015-0689
|
2024-11-21 11:23 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273660
|
8.8 |
HIGH
Network
|
pysvn_project
|
svn-workbench
|
svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the "Command Shell" menu item while in the directory trunk/$(xeyes).
|
CWE-20
Improper Input Validation
|
CVE-2015-0853
|
2024-11-21 11:23 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
