|
269161
|
- |
|
csl_dualcom
|
gprs_cs2300-r_firmware
|
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN across different customers' installations, which allows remote attackers to execute commands by lever…
|
CWE-255
Credentials Management
|
CVE-2015-7287
|
2024-11-21 11:36 |
2015-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269162
|
- |
|
csl_dualcom
|
gprs_cs2300-r_firmware
|
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographi…
|
CWE-310
Cryptographic Issues
|
CVE-2015-7286
|
2024-11-21 11:36 |
2015-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269163
|
- |
|
csl_dualcom
|
gprs_cs2300-r_firmware
|
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication from Alarm Receiving Center (ARC) servers, which allows man-in-the-middle attackers to bypass intended …
|
CWE-287
Improper Authentication
|
CVE-2015-7285
|
2024-11-21 11:36 |
2015-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269164
|
- |
|
fedoraproject
gnome
|
fedora
gnome_display_manager
|
GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7496
|
2024-11-21 11:36 |
2015-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269165
|
- |
|
apple
|
mac_os_x
iphone_os
|
The fts3_tokenizer function in SQLite, as used in Apple iOS before 8.4 and OS X before 10.10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via …
|
CWE-20
Improper Input Validation
|
CVE-2015-7036
|
2024-11-21 11:36 |
2015-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269166
|
- |
|
arris
|
na_model_862_gw_mono_firmware
|
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 all…
|
CWE-352
Origin Validation Error
|
CVE-2015-7291
|
2024-11-21 11:36 |
2015-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269167
|
- |
|
arris
|
na_model_862_gw_mono_firmware
|
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows rem…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7290
|
2024-11-21 11:36 |
2015-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269168
|
- |
|
arris
|
na_model_862_gw_mono_firmware
|
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remot…
|
CWE-255
Credentials Management
|
CVE-2015-7289
|
2024-11-21 11:36 |
2015-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269169
|
- |
|
open-xchange
|
ox_guard
|
Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7385
|
2024-11-21 11:36 |
2015-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269170
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-aft…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2015-7312
|
2024-11-21 11:36 |
2015-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
