|
270261
|
- |
|
techno_project_japan
|
enisys_gw
|
Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to bypass intended access restrictions and read arbitrary uploaded files via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5671
|
2024-11-21 11:33 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270262
|
- |
|
techno_project_japan
|
enisys_gw
|
Cross-site scripting (XSS) vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-5670
|
2024-11-21 11:33 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270263
|
- |
|
techno_project_japan
|
enisys_gw
|
Techno Project Japan Enisys Gw before 1.4.1 allows remote authenticated users to write to arbitrary files and consequently execute arbitrary code via unspecified vectors.
|
NVD-CWE-noinfo
|
CVE-2015-5669
|
2024-11-21 11:33 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270264
|
- |
|
techno_project_japan
|
enisys_gw
|
SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2015-5668
|
2024-11-21 11:33 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270265
|
- |
|
tibco
|
spotfire_server
spotfire_analytics_platform_for_aws
|
Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform befor…
|
CWE-200
Information Exposure
|
CVE-2015-5713
|
2024-11-21 11:33 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270266
|
- |
|
tibco
|
spotfire_analytics_platform_for_aws
spotfire_server
|
Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6.0.x before 6.0.5, 6.5.x before 6.5.4, and 7.0.x before 7.0.1 and Spotfire Analytics Platform befor…
|
CWE-200
Information Exposure
|
CVE-2015-5712
|
2024-11-21 11:33 |
2015-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270267
|
- |
|
lockon
|
ec-cube
|
Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.3 allows remote attackers to hijack the authentication of arbitrary users for requests that write to PHP scripts,…
|
CWE-352
Origin Validation Error
|
CVE-2015-5665
|
2024-11-21 11:33 |
2015-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270268
|
- |
|
numara
|
asset_manager
|
HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-5448
|
2024-11-21 11:33 |
2015-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270269
|
- |
|
linux
canonical
debian
suse
|
linux_kernel
ubuntu_linux
debian_linux
suse_linux_enterprise_server
suse_linux_enterprise_desktop
|
Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2015-5707
|
2024-11-21 11:33 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270270
|
- |
|
airdroid
|
airdroid
|
The SAND STUDIO AirDroid application 1.1.0 and earlier for Android mishandles implicit intents, which allows attackers to obtain sensitive information via a crafted application.
|
CWE-200
Information Exposure
|
CVE-2015-5661
|
2024-11-21 11:33 |
2015-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
