|
269961
|
- |
|
cisco
|
hosted_collaboration_solution
unified_communications_domain_manager
|
Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pathname access attempts depending on whether the pathname exists, which allows remote attackers to ma…
|
CWE-200
Information Exposure
|
CVE-2015-6352
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269962
|
- |
|
cisco
|
asr_5000_software
|
Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19.2.0 allow remote attackers to cause a denial of service (BGP process restart) via a crafted header…
|
CWE-20
Improper Input Validation
|
CVE-2015-6351
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269963
|
- |
|
cisco
|
prime_service_catalog
|
SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuw50843.
|
CWE-89
SQL Injection
|
CVE-2015-6350
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269964
|
- |
|
cisco
|
secure_access_control_server
|
Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HT…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6349
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269965
|
- |
|
cisco
|
secure_access_control_server
|
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read repor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6348
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269966
|
- |
|
cisco
|
secure_access_control_server
|
The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an uns…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6347
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269967
|
- |
|
cisco
|
secure_access_control_server
|
Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6346
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269968
|
- |
|
cisco
|
secure_access_control_server
|
SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug…
|
CWE-89
SQL Injection
|
CVE-2015-6345
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269969
|
- |
|
cisco
|
asa_cx_context-aware_security_software
|
The web-based GUI in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security 9.3(4.1.11) allows remote authenticated users to bypass intended access restrictions and obtain sensitive user i…
|
CWE-200
Information Exposure
|
CVE-2015-6344
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269970
|
- |
|
owncloud
|
owncloud
|
ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might allow remote instance administrators to obtain sensitive credential and cookie information by read…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2015-5955
|
2024-11-21 11:34 |
2015-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
