|
272771
|
- |
|
asus
|
rt-n10\+d1_firmware
|
Multiple cross-site scripting (XSS) vulnerabilities in Asus RT-N10+ D1 router with firmware 2.1.1.1.70 allow remote attackers to inject arbitrary web script or HTML via the flag parameter to (1) resu…
|
CWE-79
Cross-site Scripting
|
CVE-2015-1437
|
2024-11-21 11:25 |
2015-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272772
|
- |
|
servision
|
hvg_video_gateway_firmware
|
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP r…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1469
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272773
|
- |
|
clamav
fedoraproject
|
clamav
fedora
|
ClamAV before 0.98.6 allows remote attackers to cause a denial of service (crash) via a crafted petite packer file, related to an "incorrect compiler optimization."
|
CWE-17
Code
|
CVE-2015-1463
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272774
|
- |
|
fedoraproject
clamav
|
fedora
clamav
|
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted upx packer file, related to a "heap out of bounds condition."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1462
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272775
|
- |
|
fedoraproject
clamav
|
fedora
clamav
|
ClamAV before 0.98.6 allows remote attackers to have unspecified impact via a crafted (1) Yoda's crypter or (2) mew packer file, related to a "heap out of bounds condition."
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1461
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272776
|
- |
|
huawei
|
quidway_firmware
|
Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1460
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272777
|
- |
|
fortinet
|
fortiauthenticator
|
Cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the operation parameter to cert/scep/.
|
CWE-79
Cross-site Scripting
|
CVE-2015-1459
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272778
|
- |
|
fortinet
|
fortiauthenticator
|
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-1458
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272779
|
- |
|
fortinet
|
fortiauthenticator
|
Fortinet FortiAuthenticator 3.0.0 allows local users to read arbitrary files via the -f flag to the dig command.
|
CWE-200
Information Exposure
|
CVE-2015-1457
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272780
|
- |
|
fortinet
|
fortiauthenticator
|
Fortinet FortiAuthenticator 3.0.0 logs the PostgreSQL usernames and passwords in cleartext, which allows remote administrators to obtain sensitive information by reading the log at debug/startup/.
|
CWE-200
Information Exposure
|
CVE-2015-1456
|
2024-11-21 11:25 |
2015-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
