|
276551
|
- |
|
cups
|
cups
|
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1159
|
2024-11-21 11:24 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276552
|
- |
|
cups
|
cups
|
The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free operations for multiple-value job-originating-host-name attributes, which allows remote attackers to trig…
|
CWE-254
7PK - Security Features
|
CVE-2015-1158
|
2024-11-21 11:24 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276553
|
- |
|
pearson
|
proctorcache
|
Pearson ProctorCache before 2015.1.17 uses the same hardcoded password across different customers' installations, which allows remote attackers to modify test metadata or cause a denial of service (t…
|
CWE-255
Credentials Management
|
CVE-2015-0972
|
2024-11-21 11:24 |
2015-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276554
|
- |
|
moxa
|
softcms
|
Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka SStreamVideo) ActiveX control in Moxa SoftCMS before 1.3 allows remote attackers to execute arbitrary …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1000
|
2024-11-21 11:24 |
2015-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276555
|
- |
|
rockwellautomation
|
rsview32
|
Rockwell Automation RSView32 7.60.00 (aka CPR9 SR4) and earlier does not properly encrypt credentials, which allows local users to obtain sensitive information by reading a file and conducting a decr…
|
CWE-310
Cryptographic Issues
|
CVE-2015-1010
|
2024-11-21 11:24 |
2015-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276556
|
- |
|
apple
|
iphone_os
mac_os_x
itunes
|
CoreText in Apple iOS 8.x through 8.3 allows remote attackers to cause a denial of service (reboot and messaging disruption) via crafted Unicode text that is not properly handled during display trunc…
|
CWE-17
Code
|
CVE-2015-1157
|
2024-11-21 11:24 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276557
|
- |
|
moxa
|
vport_activex_sdk_plus
|
Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attackers to insert assembly-code lines via vectors involving a regkey (1) set or (2) get command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0986
|
2024-11-21 11:24 |
2015-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276558
|
- |
|
osisoft
|
pi_sql_for_af
pi_server
|
OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended comm…
|
CWE-89
SQL Injection
|
CVE-2015-1013
|
2024-11-21 11:24 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276559
|
- |
|
emerson
|
ams_device_manager
|
SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated users to gain privileges via malformed input.
|
CWE-89
SQL Injection
|
CVE-2015-1008
|
2024-11-21 11:24 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
276560
|
- |
|
barracuda
|
web_filter
|
Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority certificate across different customers' installations, which makes it eas…
|
CWE-18
Source Code
|
CVE-2015-0962
|
2024-11-21 11:24 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
