|
277531
|
5.9 |
MEDIUM
Network
|
okb
|
smart_passbook
|
Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to obtain sensitive information from encrypted communications via a crafted cer…
|
CWE-295
Improper Certificate Validation
|
CVE-2015-0874
|
2024-11-21 11:23 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277532
|
7.5 |
HIGH
Network
|
cisco
|
cloud_web_security
|
Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protection mechanisms by leveraging improper handling of HTTP methods, aka Bug ID CSCut69743.
|
CWE-119
CWE-19
Incorrect Access of Indexable Resource ('Range Error')
Data Processing Errors
|
CVE-2015-0689
|
2024-11-21 11:23 |
2017-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277533
|
8.8 |
HIGH
Network
|
pysvn_project
|
svn-workbench
|
svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbitrary commands by using the "Command Shell" menu item while in the directory trunk/$(xeyes).
|
CWE-20
Improper Input Validation
|
CVE-2015-0853
|
2024-11-21 11:23 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277534
|
7.0 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in HSDPA.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0576
|
2024-11-21 11:23 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277535
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuites were included in the default configuration.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2015-0575
|
2024-11-21 11:23 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277536
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.
|
CWE-20
Improper Input Validation
|
CVE-2015-0574
|
2024-11-21 11:23 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277537
|
9.8 |
CRITICAL
Network
|
novell
|
zenworks_configuration_management
|
Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecif…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-0786
|
2024-11-21 11:23 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277538
|
7.5 |
HIGH
Network
|
novell
|
zenworks_configuration_management
|
com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable.
|
CWE-200
Information Exposure
|
CVE-2015-0785
|
2024-11-21 11:23 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277539
|
7.5 |
HIGH
Network
|
novell
|
zenworks_configuration_management
|
Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable.
|
CWE-200
Information Exposure
|
CVE-2015-0784
|
2024-11-21 11:23 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277540
|
6.5 |
MEDIUM
Network
|
novell
|
zenworks_configuration_management
|
The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable.
|
CWE-200
Information Exposure
|
CVE-2015-0783
|
2024-11-21 11:23 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
