|
274031
|
- |
|
mcafee
|
epolicy_orchestrator
|
McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across different customers' installations, which allows attackers to obtain the administrator password by …
|
CWE-200
Information Exposure
|
CVE-2015-0922
|
2024-11-21 11:24 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274032
|
- |
|
mcafee
|
epolicy_orchestrator
|
XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 allows remote authenticated users to read arbitrary files via the…
|
NVD-CWE-Other
|
CVE-2015-0921
|
2024-11-21 11:24 |
2015-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274033
|
5.9 |
MEDIUM
Network
|
line
|
line
|
LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable to MITM (man-in-the-middle) attack since the application allows non-SSL/TLS communications. As a r…
|
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
|
CVE-2015-0897
|
2024-11-21 11:23 |
2023-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274034
|
10.0 |
CRITICAL
Network
|
google
|
native_client
|
NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0565
|
2024-11-21 11:23 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274035
|
6.1 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software. The vulnerabilities is…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0749
|
2024-11-21 11:23 |
2020-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274036
|
5.3 |
MEDIUM
Network
|
adbglobal
|
p.dga4001n_firmware
|
The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6, and possibly other routers, uses "1236790" and the MAC address to generate the WPA key.
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2015-0558
|
2024-11-21 11:23 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274037
|
7.5 |
HIGH
Network
|
monopd_project
|
monopd
|
Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8, allows remote attackers to cause a denial of service (crash) via a long line.
|
CWE-193
Off-by-one Error
|
CVE-2015-0841
|
2024-11-21 11:23 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274038
|
5.9 |
MEDIUM
Network
|
gnupg
debian
|
gnupg
libgcrypt
debian_linux
|
The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during mo…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2015-0837
|
2024-11-21 11:23 |
2019-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274039
|
7.8 |
HIGH
Local
|
opensuse
|
open_buildservice
|
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow bu…
|
CWE-59
Link Following
|
CVE-2015-0796
|
2024-11-21 11:23 |
2018-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274040
|
5.9 |
MEDIUM
Network
|
okb
|
smart_passbook
|
Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted cer…
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0874
|
2024-11-21 11:23 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
