|
268041
|
5.5 |
MEDIUM
Local
|
eparaksts
|
eparakstitajs_3
edoc-libraries
|
LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to read arbitrary files via crafted EDOC files.
|
CWE-200
Information Exposure
|
CVE-2015-8276
|
2024-11-21 11:38 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268042
|
5.5 |
MEDIUM
Local
|
eparaksts
|
eparakstitajs_3
edoc-libraries
|
LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files.
|
CWE-284
Improper Access Control
|
CVE-2015-8275
|
2024-11-21 11:38 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268043
|
7.5 |
HIGH
Network
|
axis
|
axis_communications_firmware
|
AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability."
|
CWE-74
Injection
|
CVE-2015-8258
|
2024-11-21 11:38 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268044
|
8.8 |
HIGH
Network
|
axis
|
axis_communications_firmware
|
AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi.
|
CWE-352
Origin Validation Error
|
CVE-2015-8255
|
2024-11-21 11:38 |
2017-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268045
|
8.8 |
HIGH
Network
|
huawei
|
logcenter
|
Huawei LogCenter V100R001C10 could allow an authenticated attacker to tamper with requests using a tool and submit a request to the server for privilege escalation, affecting some system functions.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8671
|
2024-11-21 11:38 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268046
|
6.5 |
MEDIUM
Network
|
huawei
|
logcenter
|
Huawei LogCenter V100R001C10 could allow an authenticated attacker to add abnormal device information to the log collection module, causing denial of service.
|
CWE-20
Improper Input Validation
|
CVE-2015-8670
|
2024-11-21 11:38 |
2017-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268047
|
5.5 |
MEDIUM
Local
|
openstack
|
glance
|
The image signature algorithm in OpenStack Glance 11.0.0 allows remote attackers to bypass the signature verification process via a crafted image, which triggers an MD5 collision.
|
CWE-310
Cryptographic Issues
|
CVE-2015-8234
|
2024-11-21 11:38 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268048
|
5.4 |
MEDIUM
Network
|
fomori
|
cherrymusic
|
Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist.
|
CWE-79
Cross-site Scripting
|
CVE-2015-8310
|
2024-11-21 11:38 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268049
|
4.3 |
MEDIUM
Network
|
fomori
|
cherrymusic
|
Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."
|
CWE-22
Path Traversal
|
CVE-2015-8309
|
2024-11-21 11:38 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268050
|
5.5 |
MEDIUM
Local
|
huawei
|
mate_s_firmware
p8_firmware
|
The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 …
|
CWE-20
Improper Input Validation
|
CVE-2015-8678
|
2024-11-21 11:38 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
