|
270961
|
3.7 |
LOW
Network
|
netapp
|
data_ontap
|
NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-7886
|
2024-11-21 11:37 |
2016-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270962
|
3.7 |
LOW
Network
|
f5
|
big-ip_analytics
big-ip_application_acceleration_manager
big-ip_link_controller
big-ip_advanced_firewall_manager
big-ip_policy_enforcement_manager
big-ip_local_traffic_manager
big-i…
|
BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, Link Controller, and PEM 12.0.0 before HF1, when the TCP profile for a virtual server is configured with Congestion Metrics Cache enabled, allow remote atta…
|
CWE-20
Improper Input Validation
|
CVE-2015-7759
|
2024-11-21 11:37 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270963
|
7.8 |
HIGH
Local
|
huawei
|
p8_firmware
mate_7_firmware
|
Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 bef…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8088
|
2024-11-21 11:37 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270964
|
6.1 |
MEDIUM
Network
|
ssp-europe
|
secure_data_space
|
Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to api/v3/public/shar…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7706
|
2024-11-21 11:37 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270965
|
9.6 |
CRITICAL
Network
|
unitronics
|
visilogic_oplc_ide
|
Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7939
|
2024-11-21 11:37 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270966
|
9.8 |
CRITICAL
Network
|
advantech
|
eki-1321_series_firmware
eki-1322_series_firmware
|
Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors.
|
CWE-287
Improper Authentication
|
CVE-2015-7938
|
2024-11-21 11:37 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270967
|
5.9 |
MEDIUM
Network
|
mozilla
opensuse
canonical
|
network_security_services
leap
opensuse
firefox
ubuntu_linux
|
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in T…
|
CWE-19
Data Processing Errors
|
CVE-2015-7575
|
2024-11-21 11:37 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270968
|
3.3 |
LOW
Local
|
opensuse
gummi_project
|
leap
opensuse
gummi
|
Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .to…
|
CWE-59
Link Following
|
CVE-2015-7758
|
2024-11-21 11:37 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270969
|
8.1 |
HIGH
Network
|
juniper
|
screenos
|
Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation.
|
CWE-20
Improper Input Validation
|
CVE-2015-7754
|
2024-11-21 11:37 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270970
|
7.5 |
HIGH
Network
|
nodejs
|
node.js
|
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (unc…
|
CWE-17
Code
|
CVE-2015-8027
|
2024-11-21 11:37 |
2016-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
