|
269891
|
6.1 |
MEDIUM
Network
|
xceedium
|
xsuite
|
Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirurl parameter.
|
CWE-601
Open Redirect
|
CVE-2015-4668
|
2024-11-21 11:31 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269892
|
9.8 |
CRITICAL
Network
|
xceedium
|
xsuite
|
Multiple hardcoded credentials in Xsuite 2.x.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2015-4667
|
2024-11-21 11:31 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269893
|
6.1 |
MEDIUM
Network
|
ipython
|
ipython
|
Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/contents path.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4706
|
2024-11-21 11:31 |
2017-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269894
|
6.1 |
MEDIUM
Network
|
ipython
|
ipython
|
Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving JSON error messages and the /api/notebooks path.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4707
|
2024-11-21 11:31 |
2017-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269895
|
7.0 |
HIGH
Local
|
polycom
|
realpresence_resource_manager
|
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo m…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4685
|
2024-11-21 11:31 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269896
|
9.8 |
CRITICAL
Network
|
polycom
|
realpresence_resource_manager
|
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive information and potentially gain privileges by leveraging use of session identifiers as parameters wit…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4683
|
2024-11-21 11:31 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269897
|
6.5 |
MEDIUM
Network
|
polycom
|
realpresence_resource_manager
|
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obtain the installation path via an HTTP POST request to PlcmRmWeb/JConfigManager.
|
CWE-200
Information Exposure
|
CVE-2015-4682
|
2024-11-21 11:31 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269898
|
6.5 |
MEDIUM
Network
|
polycom
|
realpresence_resource_manager
|
Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allow (1) remote authenticated users to read arbitrary files via a .. (dot dot) in the Modi…
|
CWE-255
Credentials Management
|
CVE-2015-4684
|
2024-11-21 11:31 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269899
|
7.8 |
HIGH
Local
|
polycom
|
realpresence_resource_manager
|
Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords.
|
CWE-255
Credentials Management
|
CVE-2015-4681
|
2024-11-21 11:31 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269900
|
9.8 |
CRITICAL
Network
|
ellucian
|
banner_student
|
Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset arbitrary passwords via unspecified vectors, aka "Weak Password Reset."
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2015-4689
|
2024-11-21 11:31 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
