|
274131
|
- |
|
ininet_solutions
|
scada_web_server
|
IniNet embeddedWebServer (aka eWebServer) before 2.02 mishandles URL encoding, which allows remote attackers to write to or delete files via a crafted string.
|
NVD-CWE-Other
|
CVE-2015-1002
|
2024-11-21 11:24 |
2015-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274132
|
- |
|
ininet_solutions
|
scada_web_server
|
Multiple stack-based buffer overflows in IniNet embeddedWebServer (aka eWebServer) before 2.02 allow remote attackers to execute arbitrary code via a long field in an HTTP request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1001
|
2024-11-21 11:24 |
2015-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274133
|
- |
|
vmware
|
vcenter_server
|
vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote attackers to cause a denial of service via a long heartbeat message.
|
CWE-20
Improper Input Validation
|
CVE-2015-1047
|
2024-11-21 11:24 |
2015-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274134
|
- |
|
omron
|
cx-programmer
cj2m_plc
cj2h_plc
|
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it…
|
CWE-200
Information Exposure
|
CVE-2015-1015
|
2024-11-21 11:24 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274135
|
- |
|
omron
|
cx-programmer
|
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a fi…
|
CWE-200
Information Exposure
|
CVE-2015-0988
|
2024-11-21 11:24 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274136
|
- |
|
omron
|
cx-programmer
cj2h_plc
cj2m_plc
|
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2015-0987
|
2024-11-21 11:24 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274137
|
- |
|
unit4
|
teta_web
|
Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not properly restrict access to the (1) Design Mode and (2) Debug Logger mode modules, which allows remote attackers to gain privileges …
|
CWE-284
Improper Access Control
|
CVE-2015-1173
|
2024-11-21 11:24 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274138
|
- |
|
basware
|
banking
|
Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user cred…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2015-0943
|
2024-11-21 11:24 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274139
|
- |
|
gsm
|
sim_card_editor
|
Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1171
|
2024-11-21 11:24 |
2015-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274140
|
- |
|
indusoft
wonderware
|
web_studio
intouch
|
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local user…
|
CWE-200
Information Exposure
|
CVE-2015-1009
|
2024-11-21 11:24 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
