|
267061
|
5.5 |
MEDIUM
Local
|
huawei
|
mate_7_firmware
p8_firmware
|
The HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B220SP01, GRA-CL00 before GRA-CL00C92B220, GRA-CL10 before GRA-CL10C92B220, GRA-UL00 before GRA-UL00C00B220, GRA-UL10 befo…
|
NVD-CWE-Other
|
CVE-2015-8337
|
2024-11-21 11:38 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267062
|
6.5 |
MEDIUM
Network
|
huawei
|
vcn500
|
Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading…
|
CWE-200
Information Exposure
|
CVE-2015-8335
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267063
|
7.1 |
HIGH
Network
|
huawei
|
vcn500
|
The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8333
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267064
|
7.4 |
HIGH
Network
|
huawei
|
vcn500
|
The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attack…
|
CWE-20
Improper Input Validation
|
CVE-2015-8331
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267065
|
7.5 |
HIGH
Network
|
huawei
|
espace_7950
espace_7910
|
Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets.
|
CWE-399
Resource Management Errors
|
CVE-2015-8231
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267066
|
7.5 |
HIGH
Network
|
huawei
|
espace_8950
|
Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted …
|
CWE-399
Resource Management Errors
|
CVE-2015-8230
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267067
|
4.6 |
MEDIUM
Physics
|
mozilla
|
firefox_os
|
The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by enterin…
|
CWE-284
Improper Access Control
|
CVE-2015-8512
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267068
|
6.4 |
MEDIUM
Physics
|
mozilla
|
firefox_os
|
Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2015-8511
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267069
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox_os
|
Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8510
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267070
|
6.1 |
MEDIUM
Network
|
getsymphony
|
symphony
|
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Navigation Group, or (3) Label parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2015-8376
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
