|
274961
|
- |
|
sap
|
sybase_unwired_platform_online_data_proxy
|
SAP Sybase Unwired Platform Online Data Proxy allows local users to obtain usernames and passwords via the DataVault, aka SAP Security Note 2094830.
|
CWE-200
Information Exposure
|
CVE-2015-3978
|
2024-11-21 11:30 |
2015-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274962
|
8.8 |
HIGH
Adjacent
|
yubico
|
ykneo-openpgp
|
Yubico ykneo-openpgp before 1.0.10 has a typo in which an invalid PIN can be used. When first powered up, a signature will be issued even though the PIN has not been validated.
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2015-3298
|
2024-11-21 11:29 |
2022-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274963
|
7.5 |
HIGH
Network
|
bitcoin
|
bitcoin_core
|
bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
|
NVD-CWE-noinfo
|
CVE-2015-3641
|
2024-11-21 11:29 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274964
|
7.5 |
HIGH
Network
|
etherpad
|
etherpad
|
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (do…
|
CWE-22
Path Traversal
|
CVE-2015-3309
|
2024-11-21 11:29 |
2020-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274965
|
8.8 |
HIGH
Network
|
netcracker
|
resource_management_system
|
Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) ctrl, (2) h____%2427, (3) h__…
|
CWE-89
SQL Injection
|
CVE-2015-3423
|
2024-11-21 11:29 |
2020-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274966
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortimanager
|
A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page
|
CWE-269
Improper Privilege Management
|
CVE-2015-3613
|
2024-11-21 11:29 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274967
|
5.4 |
MEDIUM
Network
|
fortinet
|
fortimanager
|
A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10 and earlier via an unspecified parameter in the FortiWeb auto update service page.
|
CWE-79
Cross-site Scripting
|
CVE-2015-3612
|
2024-11-21 11:29 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274968
|
8.8 |
HIGH
Network
|
fortinet
|
fortimanager
|
A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when exec…
|
CWE-78
OS Command
|
CVE-2015-3611
|
2024-11-21 11:29 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274969
|
6.1 |
MEDIUM
Network
|
accentis
|
content_resource_management_system
|
Cross-site scripting (XSS) vulnerability in Accentis Content Resource Management System before October 2015 patch allows remote attackers to inject arbitrary web script or HTML via the ctl00$cph_cont…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3425
|
2024-11-21 11:29 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
274970
|
8.8 |
HIGH
Network
|
accentis
|
content_resource_management_system
|
SQL injection vulnerability in Accentis Content Resource Management System before the October 2015 patch allows remote attackers to execute arbitrary SQL commands via the SIDX parameter.
|
CWE-89
SQL Injection
|
CVE-2015-3424
|
2024-11-21 11:29 |
2019-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
