|
271041
|
9.8 |
CRITICAL
Network
|
boschsecurity
|
nbn-498_dinion2x_day\/night_ip_cameras_firmware
|
The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmware 4.54.0026 allows remote attackers to conduct XML injection attacks via the idstring parameter to …
|
CWE-91
Blind XPath Injection
|
CVE-2015-6970
|
2024-11-21 11:35 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271042
|
9.8 |
CRITICAL
Network
|
kaseya
|
virtual_system_administrator
|
Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before 9.1.0.9 does not properly require authentication, which allows remote attackers…
|
CWE-287
Improper Authentication
|
CVE-2015-6922
|
2024-11-21 11:35 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271043
|
8.8 |
HIGH
Network
|
kaseya
|
virtual_system_administrator
|
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0.0 before 8.0.0.23, 9.0.0.0 before 9.0.0.19, and 9.1.0.0 before 9.1.0.9 allows remote aut…
|
CWE-22
Path Traversal
|
CVE-2015-6589
|
2024-11-21 11:35 |
2020-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271044
|
3.5 |
LOW
Adjacent
|
qemu
fedoraproject
novell
canonical
redhat
xen
arista
|
qemu
fedora
suse_linux_enterprise_server
suse_linux_enterprise_debuginfo
suse_linux_enterprise_desktop
suse_linux_enterprise_software_development_kit
ubuntu_linux
enterprise_linu…
|
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of ser…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2015-6815
|
2024-11-21 11:35 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271045
|
5.5 |
MEDIUM
Local
|
freereprintables
|
articlefr
|
Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter.
|
CWE-22
Path Traversal
|
CVE-2015-6591
|
2024-11-21 11:35 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271046
|
8.8 |
HIGH
Network
|
magento
|
magento
|
The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.…
|
CWE-20
Improper Input Validation
|
CVE-2015-6497
|
2024-11-21 11:35 |
2020-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271047
|
7.5 |
HIGH
Network
|
cloudera
|
cloudera_manager
|
There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles.
|
CWE-200
Information Exposure
|
CVE-2015-6495
|
2024-11-21 11:35 |
2019-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271048
|
6.1 |
MEDIUM
Network
|
edx
|
edx-platform
|
edx-platform before 2015-09-17 allows XSS via a team name.
|
CWE-79
Cross-site Scripting
|
CVE-2015-6960
|
2024-11-21 11:35 |
2019-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271049
|
8.8 |
HIGH
Network
|
moxa
|
softcms
|
Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6458
|
2024-11-21 11:35 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271050
|
8.8 |
HIGH
Network
|
moxa
|
softcms
|
Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6457
|
2024-11-21 11:35 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
