|
277841
|
- |
|
cisco
|
spa500_firmware
spa_501g_8-line_ip_phone
spa_502g_1-line_ip_phone
spa_504g_4-line_ip_phone
spa_508g_8-line_ip_phone
spa_509g_12-line_ip_phone
spa_512g_1-line_ip_phone
spa_514g_4-…
|
The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not properly support authentication, which allows remote attackers to read audio-stream data or origin…
|
CWE-287
Improper Authentication
|
CVE-2015-0670
|
2024-11-21 11:23 |
2015-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277842
|
- |
|
cisco
|
videoscape_delivery_system_for_internet_streamer
|
The DNS implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.2(1) allows remote attackers to cause a denial of service (CPU consumption and network-resource consump…
|
CWE-399
Resource Management Errors
|
CVE-2015-0671
|
2024-11-21 11:23 |
2015-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277843
|
- |
|
cisco
|
webex_meetings_server
|
Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server 2.5 and 2.5.99.2 allows remote attackers to inject arbitrary web script or HTML via unspecified ve…
|
CWE-79
Cross-site Scripting
|
CVE-2015-0668
|
2024-11-21 11:23 |
2015-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277844
|
- |
|
extplorer
|
extplorer
|
Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0896
|
2024-11-21 11:23 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277845
|
- |
|
cisco
|
content_services_switch_11500_firmware
|
The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier allows remote attackers to bypass intended restrictions on local-network device access via crafted …
|
CWE-284
Improper Access Control
|
CVE-2015-0667
|
2024-11-21 11:23 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277846
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted m…
|
CWE-20
Improper Input Validation
|
CVE-2015-0664
|
2024-11-21 11:23 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277847
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.
|
CWE-22
Path Traversal
|
CVE-2015-0665
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277848
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0663
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277849
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0662
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277850
|
- |
|
fedoraproject
suse
opensuse
|
fedora
opensuse_osc
opensuse
|
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
|
CWE-77
Command Injection
|
CVE-2015-0778
|
2024-11-21 11:23 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
