|
270241
|
5.4 |
MEDIUM
Network
|
hp
|
storeonce_backup_system_software
|
Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5447
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270242
|
7.5 |
HIGH
Adjacent
|
hp
|
storeonce_backup_system_software
|
HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-5446
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270243
|
8.8 |
HIGH
Network
|
hp
|
storeonce_backup_system_software
|
Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown …
|
CWE-352
Origin Validation Error
|
CVE-2015-5445
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270244
|
6.5 |
MEDIUM
Network
|
hp
|
jc653a_hp_12518_dc_switch_chassis
jh179a_hp_flexfabric_5930_4-slot_switch
jg362b_hp_hsr6804_router_chassis
jg834a_hp_flexfabric_12508e_ac_switch_taa-compliant_chassis
jg802a_hp_ff_12500e_…
|
HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attackers to bypass intended access restrictions or cause a denial of service via "Virtual routing and fo…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5434
|
2024-11-21 11:33 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270245
|
7.4 |
HIGH
Local
|
rarlab
|
winrar
|
The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges via a Trojan horse file with a name similar to an extensionless filename that was selected by the u…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5663
|
2024-11-21 11:33 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270246
|
- |
|
hp
|
operations_orchestration
|
Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 10.22.001 allows remote attackers to hijack the authentication of unspecified victims via unknown ve…
|
CWE-352
Origin Validation Error
|
CVE-2015-5451
|
2024-11-21 11:33 |
2015-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270247
|
- |
|
apple
|
iphone_os
|
The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5787
|
2024-11-21 11:33 |
2015-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270248
|
- |
|
sudo_project
|
sudo
|
sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by "/home/*/*/…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5602
|
2024-11-21 11:33 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270249
|
- |
|
hp
|
archsight_management_center
arcsight_logger
|
Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via unspec…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5441
|
2024-11-21 11:33 |
2015-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270250
|
- |
|
adways
|
party_track_sdk
|
The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a c…
|
CWE-310
Cryptographic Issues
|
CVE-2015-5655
|
2024-11-21 11:33 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
