|
272711
|
- |
|
mcafee
|
data_loss_prevention_endpoint
|
Cross-site scripting (XSS) vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated users to inject arbitrary web script or HTML vi…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1617
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272712
|
- |
|
mcafee
|
data_loss_prevention_endpoint
|
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified …
|
CWE-89
SQL Injection
|
CVE-2015-1616
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272713
|
- |
|
colorlib
|
fancybox
|
The FancyBox for WordPress plugin before 3.0.3 for WordPress does not properly restrict access, which allows remote attackers to conduct cross-site scripting (XSS) attacks via an mfbfw[*] parameter i…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1494
|
2024-11-21 11:25 |
2015-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272714
|
- |
|
rhodecode
|
rhodecode_enterprise
|
RhodeCode before 2.2.7 allows remote authenticated users to obtain API keys and other sensitive information via the (1) update_repo, (2) get_locks, or (3) get_user_groups API method.
|
CWE-200
Information Exposure
|
CVE-2015-1613
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272715
|
- |
|
solarwinds
|
server_and_application_monitor
|
The factory.loadExtensionFactory function in TSUnicodeGraphEditorControl in SolarWinds Server and Application Monitor (SAM) allow remote attackers to execute arbitrary code via a UNC path to a crafte…
|
CWE-94
Code Injection
|
CVE-2015-1501
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272716
|
- |
|
solarwinds
|
server_and_application_monitor
|
Multiple stack-based buffer overflows in the TSUnicodeGraphEditorControl in SolarWinds Server and Application Monitor (SAM) allow remote attackers to execute arbitrary code via unspecified vectors to…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1500
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272717
|
- |
|
samsung
|
samsung_security_manager
|
The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1499
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272718
|
- |
|
persistent_systems
|
radia_client_automation
|
Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to (1) enumerate user accounts via a getUsers request, (2) assign a role…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1498
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272719
|
- |
|
persistent_systems
|
radia_client_automation
|
radexecd.exe in Persistent Systems Radia Client Automation (RCA) 7.9, 8.1, 9.0, and 9.1 allows remote attackers to execute arbitrary commands via a crafted request to TCP port 3465.
|
CWE-94
Code Injection
|
CVE-2015-1497
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272720
|
- |
|
motorola
|
motorola_scanner_sdk
|
Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1496
|
2024-11-21 11:25 |
2015-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
