|
270491
|
- |
|
cisco
|
nx-os
|
Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devices does not properly implement RBAC health scoring, which allows remote authenticated users to obt…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4225
|
2024-11-21 11:30 |
2015-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270492
|
- |
|
cisco
|
ios
|
Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (PRE) module on UBR devices allows remote attackers to cause a denial of service (NULL pointer fr…
|
CWE-362
Race Condition
|
CVE-2015-4199
|
2024-11-21 11:30 |
2015-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270493
|
- |
|
cisco
|
wireless_lan_controller_software
|
Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute arbitrary OS commands in a privileged context via crafted CLI commands, aka Bug ID CSCuj39474.
|
CWE-78
OS Command
|
CVE-2015-4224
|
2024-11-21 11:30 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270494
|
- |
|
cisco
|
unified_communications_manager_im_and_presence_service
|
SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1) allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug…
|
CWE-89
SQL Injection
|
CVE-2015-4222
|
2024-11-21 11:30 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270495
|
- |
|
cisco
|
unified_communications_manager_im_and_presence_service
|
Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict access to encrypted passwords, which allows remote attackers to determine cleartext passwords, and conse…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4221
|
2024-11-21 11:30 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270496
|
- |
|
cisco
|
email_security_virtual_appliance
content_security_management_virtual_appliance
web_security_virtual_appliance
|
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the…
|
CWE-310
CWE-200
Cryptographic Issues
Information Exposure
|
CVE-2015-4217
|
2024-11-21 11:30 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270497
|
- |
|
cisco
|
email_security_virtual_appliance
content_security_management_virtual_appliance
web_security_virtual_appliance
|
The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Appliance (ESAv), and Security Management Virtual Appliance (SMAv) devices before 2015-06-25 uses the…
|
CWE-200
Information Exposure
|
CVE-2015-4216
|
2024-11-21 11:30 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270498
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted MPLS Label Distribution Protocol (LDP) packets, aka Bug ID CSCuu77478.
|
CWE-399
Resource Management Errors
|
CVE-2015-4223
|
2024-11-21 11:30 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270499
|
- |
|
cisco
|
unified_presence_server
|
Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attackers to inject arbitrary web script or HTML via an unspecified value, aka Bug ID CSCuq03773.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4220
|
2024-11-21 11:30 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270500
|
- |
|
ruby-lang
rubygems
oracle
redhat
|
ruby
rubygems
solaris
enterprise_linux
|
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests t…
|
CWE-254
7PK - Security Features
|
CVE-2015-3900
|
2024-11-21 11:30 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
