|
277581
|
- |
|
cisco
|
adaptive_security_appliance_software
|
The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1(6), 9.2 before 9.2(3.3), and 9.3 before 9.3(3) does not properly validate failover communication m…
|
CWE-284
Improper Access Control
|
CVE-2015-0675
|
2024-11-21 11:23 |
2015-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277582
|
- |
|
cisco
|
ios_xr
asr_9001
asr_9006
asr_9010
asr_9904
asr_9912
asr_9922
|
Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a single-host constraint, which allows remote attackers to bypass intended network-resource access restr…
|
CWE-284
Improper Access Control
|
CVE-2015-0694
|
2024-11-21 11:23 |
2015-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277583
|
- |
|
cisco
|
web_security_appliance
|
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execut…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0692
|
2024-11-21 11:23 |
2015-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277584
|
- |
|
cisco
|
asa_with_firepower_services
asa_cx_context-aware_security_software
|
The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of serv…
|
CWE-20
Improper Input Validation
|
CVE-2015-0678
|
2024-11-21 11:23 |
2015-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277585
|
- |
|
arj_software
fedoraproject
|
arj_archiver
fedora
|
Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows remote attackers to conduct absolute path traversal attacks and write to arbitrary files via multipl…
|
CWE-22
Path Traversal
|
CVE-2015-0557
|
2024-11-21 11:23 |
2015-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277586
|
- |
|
arj_software
fedoraproject
|
arj_archiver
fedora
|
Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via a symlink attack in an ARJ archive.
|
CWE-59
Link Following
|
CVE-2015-0556
|
2024-11-21 11:23 |
2015-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277587
|
- |
|
canonical
opensuse
mozilla
|
ubuntu_linux
opensuse
firefox
|
The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle attackers to bypass an intended X.509 certificate-verification step for an SSL server by specifying tha…
|
CWE-20
Improper Input Validation
|
CVE-2015-0799
|
2024-11-21 11:23 |
2015-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277588
|
- |
|
oracle
mozilla
|
solaris
firefox
|
The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release, does not properly handle privileged URLs, which makes it easier for remote attackers to execute a…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0798
|
2024-11-21 11:23 |
2015-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277589
|
- |
|
bblog_project
|
bblog
|
Cross-site request forgery (CSRF) vulnerability in bBlog allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-0905
|
2024-11-21 11:23 |
2015-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277590
|
- |
|
saurus
|
saurus_cms
|
Multiple cross-site scripting (XSS) vulnerabilities in the print_language_selectbox function in classes/adminpage.inc.php in Saurus CMS Community Edition before 4.7 2015-02-04 allow remote attackers …
|
CWE-79
Cross-site Scripting
|
CVE-2015-0876
|
2024-11-21 11:23 |
2015-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
