|
276281
|
- |
|
cisco
|
unified_meetingplace
|
Multiple cross-site request forgery (CSRF) vulnerabilities in API features in Cisco Unified MeetingPlace 8.6(1.9) allow remote attackers to hijack the authentication of arbitrary users, aka Bug ID CS…
|
CWE-352
Origin Validation Error
|
CVE-2015-0704
|
2024-11-21 11:23 |
2015-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276282
|
- |
|
cisco
|
unified_meetingplace
|
Cross-site scripting (XSS) vulnerability in the administrative web interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0703
|
2024-11-21 11:23 |
2015-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276283
|
- |
|
cisco
|
unified_meetingplace
|
Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified MeetingPlace 8.6(1.9) allows remote authenticated users to execute arbitrary code by using the lang…
|
CWE-20
CWE-434
Improper Input Validation
Unrestricted Upload of File with Dangerous Type
|
CVE-2015-0702
|
2024-11-21 11:23 |
2015-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276284
|
- |
|
sixapart
|
movabletype
|
Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related …
|
CWE-94
Code Injection
|
CVE-2015-0845
|
2024-11-21 11:23 |
2015-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276285
|
- |
|
cisco
|
secure_access_control_server_solution_engine
|
Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote attac…
|
CWE-352
Origin Validation Error
|
CVE-2015-0700
|
2024-11-21 11:23 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276286
|
- |
|
cisco
|
ios_xr
|
Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote attacker…
|
CWE-399
CWE-19
Resource Management Errors
Data Processing Errors
|
CVE-2015-0695
|
2024-11-21 11:23 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276287
|
- |
|
cisco
|
secure_desktop
|
A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001.
|
CWE-264
CWE-78
Permissions, Privileges, and Access Controls
OS Command
|
CVE-2015-0691
|
2024-11-21 11:23 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276288
|
- |
|
emc
|
networker
|
Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0530
|
2024-11-21 11:23 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276289
|
- |
|
oracle
|
mysql
|
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : SP.
|
NVD-CWE-noinfo
|
CVE-2015-0511
|
2024-11-21 11:23 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276290
|
- |
|
oracle
|
commerce_platform
|
Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo Applicati…
|
NVD-CWE-noinfo
|
CVE-2015-0510
|
2024-11-21 11:23 |
2015-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
