|
272421
|
- |
|
openstack
|
image_registry_and_delivery_service_\(glance\)
|
OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption)…
|
CWE-399
Resource Management Errors
|
CVE-2015-1881
|
2024-11-21 11:26 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272422
|
- |
|
zhone_technologies
|
gpon_2520_firmware
|
Zhone GPON 2520 with firmware R4.0.2.566b allows remote attackers to cause a denial of service via a long string in the oldpassword parameter.
|
CWE-20
Improper Input Validation
|
CVE-2015-2055
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272423
|
- |
|
sierra_wireless
|
sierra_wireless_aircard_763s
sierra_wireless_aircard_760s
sierra_wireless_aircard_762s
|
CRLF injection vulnerability in export.cfg in the web-based administrative console for Sierra Wireless AirCard 760S, 762S, and 763S allows remote attackers to inject arbitrary headers via CRLF sequen…
|
NVD-CWE-Other
|
CVE-2015-2054
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272424
|
- |
|
mcafee
|
mcafee_agent
|
The log viewer in McAfee Agent (MA) before 4.8.0 Patch 3 and 5.0.0, when the "Accept connections only from the ePO server" option is disabled, allows remote attackers to conduct clickjacking attacks …
|
CWE-20
Improper Input Validation
|
CVE-2015-2053
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272425
|
- |
|
dlink
|
dir-645_firmware
|
Stack-based buffer overflow in the DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary code via a long string in a GetDeviceSettings a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2052
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272426
|
- |
|
dlink
|
dap-1320_firmware
|
D-Link DAP-1320 Rev Ax with firmware before 1.21b05 allows attackers to execute arbitrary commands via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-2050
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272427
|
- |
|
dlink
|
dcs-931l_firmware
|
Unrestricted file upload vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
|
NVD-CWE-Other
|
CVE-2015-2049
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272428
|
- |
|
dlink
|
dcs-931l_firmware
|
Cross-site request forgery (CSRF) vulnerability in D-Link DCS-931L with firmware 1.04 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
|
CWE-352
Origin Validation Error
|
CVE-2015-2048
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272429
|
- |
|
typo3
debian
|
typo3
debian_linux
|
The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39, and 4.6.0 through 4.6.18, when configured for the frontend, allows remote attackers to bypass authenti…
|
CWE-287
Improper Authentication
|
CVE-2015-2047
|
2024-11-21 11:26 |
2015-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272430
|
- |
|
cfdbplugin
|
contact_form_db
|
Cross-site scripting (XSS) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin 2.8.26 for WordPress allows remote attackers to inject arbitrary web script …
|
CWE-79
Cross-site Scripting
|
CVE-2015-2040
|
2024-11-21 11:26 |
2015-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
