|
272471
|
- |
|
fortinet
|
fortimanager_firmware
fortianalyzer_firmware
|
Cross-site scripting (XSS) vulnerability in the advanced dataset reports page in Fortinet FortiAnalyzer 5.0.0 through 5.0.10 and 5.2.0 through 5.2.1 and FortiManager 5.0.3 through 5.0.10 and 5.2.0 th…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3620
|
2024-11-21 11:29 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272472
|
- |
|
xml-libxml_project
canonical
debian
fedoraproject
opensuse
|
xml-libxml
ubuntu_linux
debian_linux
fedora
opensuse
|
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to t…
|
CWE-611
XXE
|
CVE-2015-3451
|
2024-11-21 11:29 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272473
|
- |
|
thekelleys
oracle
|
dnsmasq
solaris
|
The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of se…
|
CWE-19
Data Processing Errors
|
CVE-2015-3294
|
2024-11-21 11:29 |
2015-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272474
|
- |
|
siemens
|
homecontrol_for_room_automation
|
The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obt…
|
CWE-310
Cryptographic Issues
|
CVE-2015-3610
|
2024-11-21 11:29 |
2015-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272475
|
- |
|
foxitsoftware
|
enterprise_reader
foxit_reader
phantompdf
|
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via vectors related to digital signatures.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3633
|
2024-11-21 11:29 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272476
|
- |
|
foxitsoftware
|
enterprise_reader
phantompdf
foxit_reader
|
Foxit Reader, Enterprise Reader, and PhantomPDF before 7.1.5 allow remote attackers to cause a denial of service (memory corruption and crash) via a crafted GIF in a PDF file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-3632
|
2024-11-21 11:29 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272477
|
- |
|
alienvault
|
unified_security_management
|
The Framework Daemon in AlienVault Unified Security Management before 4.15 allows remote attackers to execute arbitrary Python code via a crafted plugin configuration file (.cfg).
|
CWE-94
Code Injection
|
CVE-2015-3446
|
2024-11-21 11:29 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272478
|
- |
|
samsung
|
samsung_security_manager
|
Samsung Security Manager (SSM) before 1.31 allows remote attackers to execute arbitrary code by uploading a file with an HTTP (1) PUT or (2) MOVE request.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3435
|
2024-11-21 11:29 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272479
|
- |
|
elasticsearch
|
elasticsearch
|
Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2015-3337
|
2024-11-21 11:29 |
2015-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272480
|
- |
|
hospira
|
lifecare_pcainfusion_firmware
lifecare_pca3
lifecare_pca5
|
The communication module on the Hospira LifeCare PCA Infusion System before 7.0 does not require authentication for root TELNET sessions, which allows remote attackers to modify the pump configuratio…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-3459
|
2024-11-21 11:29 |
2015-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
