|
271511
|
- |
|
fortinet
|
forticlient
|
The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fortinet FortiClient before 5.2.4 allow local users to read arbitrary kernel memory via a 0x22608C io…
|
CWE-200
Information Exposure
|
CVE-2015-4077
|
2024-11-21 11:30 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271512
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv105…
|
CWE-78
OS Command
|
CVE-2015-4330
|
2024-11-21 11:30 |
2015-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271513
|
- |
|
linux
|
linux_kernel
|
Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly hav…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4036
|
2024-11-21 11:30 |
2015-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271514
|
- |
|
innominate
|
mguard_firmware
|
The IPsec SA establishment process on Innominate mGuard devices with firmware 8.x before 8.1.7 allows remote authenticated users to cause a denial of service (VPN service restart) by leveraging a pee…
|
CWE-20
Improper Input Validation
|
CVE-2015-3966
|
2024-11-21 11:30 |
2015-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271515
|
- |
|
sonicwall
|
netextender
|
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2015-4173
|
2024-11-21 11:30 |
2015-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271516
|
- |
|
qemu
|
qemu
|
The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by creati…
|
CWE-17
Code
|
CVE-2015-4037
|
2024-11-21 11:30 |
2015-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271517
|
- |
|
oracle
rubygems
|
solaris
rubygems
|
RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests t…
|
CWE-20
Improper Input Validation
|
CVE-2015-4020
|
2024-11-21 11:30 |
2015-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271518
|
- |
|
cisco
|
prime_infrastructure
|
Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows remote authenticated users to bypass intended access restrictions via a username with a modified composi…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4331
|
2024-11-21 11:30 |
2015-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271519
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cause a denial of service via invalid variables in a GET request, aka Bug ID CSCuv40528.
|
CWE-399
Resource Management Errors
|
CVE-2015-4318
|
2024-11-21 11:30 |
2015-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271520
|
- |
|
cisco
|
telepresence_video_communication_server_software
|
The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to execute arbitrary OS commands via crafted HTTP requests, aka Bug ID …
|
CWE-20
Improper Input Validation
|
CVE-2015-4329
|
2024-11-21 11:30 |
2015-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
