|
272341
|
- |
|
medicomp
|
medcin_engine
|
The AddUserFinding add_userfinding2 function in Medicomp MEDCIN Engine before 2.22.20153.226 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified ot…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2900
|
2024-11-21 11:28 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272342
|
- |
|
medicomp
|
medcin_engine
|
Heap-based buffer overflow in the QualifierList retrieve_qualifier_list function in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to execute arbitrary code via a long list…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2899
|
2024-11-21 11:28 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272343
|
- |
|
medicomp
|
medcin_engine
|
Multiple stack-based buffer overflows in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to execute arbitrary code via a crafted packet on port 8190, related to (1) the SetG…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-2898
|
2024-11-21 11:28 |
2015-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272344
|
- |
|
polkit_project
|
polkit
|
The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer derefer…
|
NVD-CWE-Other
|
CVE-2015-3218
|
2024-11-21 11:28 |
2015-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272345
|
- |
|
datalex
|
airline_booking_software
|
Datalex airline booking software before 2015-09-03 allows remote attackers to read or write to arbitrary user data via a modified profileId parameter to (1) ValidateFormAction.do or (2) ProfileConfir…
|
NVD-CWE-Other
|
CVE-2015-2858
|
2024-11-21 11:28 |
2015-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272346
|
- |
|
h5ai_project
|
h5ai
|
Unrestricted file upload vulnerability in h5ai before 0.25.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request…
|
NVD-CWE-Other
|
CVE-2015-3203
|
2024-11-21 11:28 |
2015-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272347
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier …
|
CWE-20
Improper Input Validation
|
CVE-2015-2917
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272348
|
- |
|
securifi
|
almond-2015_firmware
almond_firmware
|
Cross-site request forgery (CSRF) vulnerability on Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M allows remote attackers t…
|
CWE-352
Origin Validation Error
|
CVE-2015-2916
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272349
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M have a default password of admin for the admin account, which allows remote …
|
CWE-255
Credentials Management
|
CVE-2015-2915
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272350
|
- |
|
securifi
|
almond_firmware
almond-2015_firmware
|
Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M use a fixed source-port number in outbound DNS queries performed on behalf o…
|
NVD-CWE-Other
|
CVE-2015-2914
|
2024-11-21 11:28 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
