|
276481
|
- |
|
zen-cart
|
zen_cart
|
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0882
|
2024-11-21 11:23 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276482
|
- |
|
cisco
|
application_networking_manager
|
Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisco Application Networking Manager (ANM), and Device Manager (DM) on Cisco 4710 Application Control Engine (ACE) appliances, allows…
|
CWE-352
Origin Validation Error
|
CVE-2015-0651
|
2024-11-21 11:23 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276483
|
- |
|
cisco
|
ios
ios_xe
|
Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service via a flood of Router Solicitation messages on the l…
|
CWE-362
Race Condition
|
CVE-2015-0632
|
2024-11-21 11:23 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276484
|
- |
|
cisco
|
security_manager
prime_lan_management_solution
|
Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS) and Cisco Security Manager, allow remote attackers…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0594
|
2024-11-21 11:23 |
2015-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276485
|
- |
|
cisco
|
unified_computing_system
|
The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earlier on C-Series servers allows remote attackers to bypass intended access restrictions by sending cr…
|
CWE-20
Improper Input Validation
|
CVE-2015-0633
|
2024-11-21 11:23 |
2015-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276486
|
- |
|
mozilla
|
firefox_esr
firefox
thunderbird
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 allow remote attackers to cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2015-0836
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276487
|
- |
|
mozilla
|
firefox
|
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
|
NVD-CWE-noinfo
|
CVE-2015-0835
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276488
|
- |
|
canonical
opensuse
mozilla
|
ubuntu_linux
opensuse
firefox
|
The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses the TURN or STUN server without using TLS, which makes it easier for man-in-the-middle attackers to …
|
CWE-200
Information Exposure
|
CVE-2015-0834
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276489
|
- |
|
opensuse
mozilla
|
evergreen
opensuse
firefox
thunderbird
firefox_esr
|
Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Thunderbird before 31.5 on Windows, when the Maintenance Service is not…
|
NVD-CWE-Other
|
CVE-2015-0833
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276490
|
- |
|
opensuse
canonical
mozilla
|
opensuse
ubuntu_linux
firefox
|
Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and without a trailing . (dot) character, which allows man-in-the-middle attackers to bypass the HPKP and …
|
CWE-254
7PK - Security Features
|
CVE-2015-0832
|
2024-11-21 11:23 |
2015-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
