|
270071
|
- |
|
cisco
|
ios
ios_xe
|
The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E…
|
CWE-20
Improper Input Validation
|
CVE-2015-6279
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270072
|
- |
|
cisco
|
ios
ios_xe
|
The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.2SE, 3.3SE, 3.3XO, 3.4SG, 3.5E, and 3.6E before 3.6.3E; 3.7E…
|
CWE-20
Improper Input Validation
|
CVE-2015-6278
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270073
|
- |
|
refbase
|
refbase
|
Multiple open redirect vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to redirect users to arbitrary web sites and co…
|
NVD-CWE-Other
|
CVE-2015-6012
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270074
|
- |
|
refbase
|
refbase
|
Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allows remote attackers to conduct XML injection attacks via (1) the id parameter to unapi.php or (2) the styles…
|
NVD-CWE-Other
|
CVE-2015-6011
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270075
|
- |
|
refbase
|
refbase
|
Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to inject arbitrary web script or …
|
CWE-79
Cross-site Scripting
|
CVE-2015-6010
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270076
|
- |
|
refbase
|
refbase
|
Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 allow remote attackers to execute arbitrary SQL commands via (1) the where parameter to rss.php or (2) the…
|
CWE-89
SQL Injection
|
CVE-2015-6009
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270077
|
- |
|
refbase
|
refbase
|
install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute arbitrary commands via the adminPassword parameter, a different issue than CVE-2015-7381.
|
CWE-78
OS Command
|
CVE-2015-6008
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270078
|
- |
|
refbase
|
refbase
|
Cross-site request forgery (CSRF) vulnerability in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-6007
|
2024-11-21 11:34 |
2015-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270079
|
- |
|
everest
|
peakhmi
|
Everest PeakHMI before 8.7.0.2, when the video server is used, allows remote attackers to cause a denial of service (incorrect pointer dereference and daemon crash) via a crafted packet.
|
NVD-CWE-Other
|
CVE-2015-6454
|
2024-11-21 11:34 |
2015-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270080
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation f…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-6306
|
2024-11-21 11:34 |
2015-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
