|
277271
|
- |
|
omron
|
cx-programmer
cj2m_plc
cj2h_plc
|
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 use a reversible format for password storage in object files on Compact Flash cards, which makes it…
|
CWE-200
Information Exposure
|
CVE-2015-1015
|
2024-11-21 11:24 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277272
|
- |
|
omron
|
cx-programmer
|
Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project source-code files, which makes it easier for local users to obtain sensitive information by reading a fi…
|
CWE-200
Information Exposure
|
CVE-2015-0988
|
2024-11-21 11:24 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277273
|
- |
|
omron
|
cx-programmer
cj2h_plc
cj2m_plc
|
Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers to obtain sensitive informat…
|
CWE-200
Information Exposure
|
CVE-2015-0987
|
2024-11-21 11:24 |
2015-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277274
|
- |
|
unit4
|
teta_web
|
Unit4 Polska TETA Web (formerly TETA Galactica) 22.62.3.4 does not properly restrict access to the (1) Design Mode and (2) Debug Logger mode modules, which allows remote attackers to gain privileges …
|
CWE-284
Improper Access Control
|
CVE-2015-1173
|
2024-11-21 11:24 |
2015-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277275
|
- |
|
basware
|
banking
|
Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client and the backend server, which allows man-in-the-middle attackers to obtain encryption keys, user cred…
|
CWE-200
CWE-254
Information Exposure
7PK - Security Features
|
CVE-2015-0943
|
2024-11-21 11:24 |
2015-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277276
|
- |
|
gsm
|
sim_card_editor
|
Stack-based buffer overflow in GSM SIM Utility (aka SIM Card Editor) 6.6 allows remote attackers to execute arbitrary code via a long entry in a .sms file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-1171
|
2024-11-21 11:24 |
2015-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277277
|
- |
|
indusoft
wonderware
|
web_studio
intouch
|
Schneider Electric InduSoft Web Studio before 7.1.3.5 Patch 5 and Wonderware InTouch Machine Edition through 7.1 SP3 Patch 4 use cleartext for project-window password storage, which allows local user…
|
CWE-200
Information Exposure
|
CVE-2015-1009
|
2024-11-21 11:24 |
2015-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277278
|
- |
|
hospira
|
lifecare_pcainfusion_firmware
|
Hospira LifeCare PCA Infusion System before 7.0 has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-1011
|
2024-11-21 11:24 |
2015-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277279
|
- |
|
icsgmbh
|
pactware
|
PACTware 4.1 SP3 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers an internal error.
|
CWE-19
Data Processing Errors
|
CVE-2015-0989
|
2024-11-21 11:24 |
2015-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277280
|
- |
|
cups
|
cups
|
Cross-site scripting (XSS) vulnerability in the cgi_puts function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inject arbitrary web script or HTML via …
|
CWE-79
Cross-site Scripting
|
CVE-2015-1159
|
2024-11-21 11:24 |
2015-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
