|
269421
|
9.8 |
CRITICAL
Network
|
zohocorp
|
manageengine_opmanager
|
Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. The implemented algorithm doesn't use a per-system key o…
|
CWE-310
Cryptographic Issues
|
CVE-2015-9107
|
2024-11-21 11:39 |
2017-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269422
|
5.4 |
MEDIUM
Network
|
synology
|
video_station
|
Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1.5 before 1.5-0772, and 1.6 before 1.6-0847 allow remote authenticated attackers to inject arbitrar…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9105
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269423
|
5.4 |
MEDIUM
Network
|
synology
|
audio_station
|
Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the a…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9104
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269424
|
5.4 |
MEDIUM
Network
|
synology
|
note_station
|
Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9103
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269425
|
5.4 |
MEDIUM
Network
|
synology
|
photo_station
|
Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station 6.0 before 6.0-2638 and 6.3 before 6.3-2962 allow remote authenticated attackers to inject arbitrary web script or HTML v…
|
CWE-79
Cross-site Scripting
|
CVE-2015-9102
|
2024-11-21 11:39 |
2017-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269426
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99.1, 3.99.2, 3.99.3, 3.99.4 and 3.99.5 allows remote attackers to cause a denial of service (heap-ba…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-9101
|
2024-11-21 11:39 |
2017-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269427
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted audio fi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-9100
|
2024-11-21 11:39 |
2017-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269428
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted audio file with a negati…
|
CWE-125
Out-of-bounds Read
|
CVE-2015-9099
|
2024-11-21 11:39 |
2017-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269429
|
9.8 |
CRITICAL
Network
|
red-gate
|
sql_monitor
|
In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Monitor, resulting in the ability to execute arbitrary SQL commands on any monitor…
|
CWE-89
SQL Injection
|
CVE-2015-9098
|
2024-11-21 11:39 |
2017-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
269430
|
6.1 |
MEDIUM
Network
|
elastic
|
kibana
|
Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
|
CWE-79
Cross-site Scripting
|
CVE-2015-9056
|
2024-11-21 11:39 |
2017-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
