|
273811
|
- |
|
siemens
|
spcanywhere
|
The Siemens SPCanywhere application for Android does not properly store application passwords, which allows physically proximate attackers to obtain sensitive information by examining the device file…
|
CWE-200
Information Exposure
|
CVE-2015-1598
|
2024-11-21 11:25 |
2015-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273812
|
- |
|
siemens
|
spcanywhere
|
The Siemens SPCanywhere application for Android does not use encryption during the loading of code, which allows man-in-the-middle attackers to execute arbitrary code by modifying the client-server d…
|
CWE-94
Code Injection
|
CVE-2015-1597
|
2024-11-21 11:25 |
2015-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273813
|
- |
|
siemens
|
spcanywhere
|
The Siemens SPCanywhere application for Android and iOS does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive in…
|
CWE-310
Cryptographic Issues
|
CVE-2015-1596
|
2024-11-21 11:25 |
2015-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273814
|
- |
|
siemens
|
spcanywhere
|
The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addre…
|
CWE-200
Information Exposure
|
CVE-2015-1595
|
2024-11-21 11:25 |
2015-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273815
|
- |
|
siemens
|
starter
simatic_prosave
simotion_scout
simatic_cfc
simatic_step_7
|
Untrusted search path vulnerability in Siemens SIMATIC ProSave before 13 SP1; SIMATIC CFC before 8.0 SP4 Upd9 and 8.1 before Upd1; SIMATIC STEP 7 before 5.5 SP1 HF2, 5.5 SP2 before HF7, 5.5 SP3, and …
|
NVD-CWE-Other
|
CVE-2015-1594
|
2024-11-21 11:25 |
2015-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273816
|
- |
|
symantec
|
netbackup_opscenter
|
Symantec NetBackup OpsCenter 7.6.0.2 through 7.6.1 on Linux and UNIX allows remote attackers to execute arbitrary JavaScript code via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-1483
|
2024-11-21 11:25 |
2015-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273817
|
- |
|
microsoft
|
windows_server_2008
windows_server_2012
windows_rt
windows_8.1
windows_7
windows_rt_8.1
windows_vista
windows_8
windows_server_2003
|
Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and …
|
CWE-310
Cryptographic Issues
|
CVE-2015-1637
|
2024-11-21 11:25 |
2015-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273818
|
- |
|
netgate
debian
freebsd
|
pfsense
debian_linux
freebsd
|
Integer overflow in FreeBSD before 8.4 p24, 9.x before 9.3 p10. 10.0 before p18, and 10.1 before p6 allows remote attackers to cause a denial of service (crash) via a crafted IGMP packet, which trigg…
|
NVD-CWE-Other
|
CVE-2015-1414
|
2024-11-21 11:25 |
2015-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273819
|
- |
|
dell
|
asset_manager
|
Multiple SQL injection vulnerabilities in Dell ScriptLogic Asset Manager (aka Quest Workspace Asset Manager) before 9.5 allow remote attackers to execute arbitrary SQL commands via unspecified vector…
|
CWE-89
SQL Injection
|
CVE-2015-1605
|
2024-11-21 11:25 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273820
|
- |
|
e2fsprogs_project
debian
canonical
|
e2fsprogs
debian_linux
ubuntu_linux
|
Heap-based buffer overflow in closefs.c in the libext2fs library in e2fsprogs before 1.42.12 allows local users to execute arbitrary code by causing a crafted block group descriptor to be marked as d…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1572
|
2024-11-21 11:25 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
