|
271701
|
- |
|
huawei
|
ar_firmware
|
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to …
|
CWE-22
Path Traversal
|
CVE-2015-8228
|
2024-11-21 11:38 |
2015-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271702
|
- |
|
huawei
|
vp_9660_firmware
|
The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via …
|
CWE-20
Improper Input Validation
|
CVE-2015-8227
|
2024-11-21 11:38 |
2015-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271703
|
- |
|
apache
|
cordova
|
Apache Cordova-Android before 3.7.0 improperly generates random values for BridgeSecret data, which makes it easier for attackers to conduct bridge hijacking attacks by predicting a value.
|
NVD-CWE-Other
|
CVE-2015-8320
|
2024-11-21 11:38 |
2015-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271704
|
- |
|
arista
|
eos
|
Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging manag…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8236
|
2024-11-21 11:38 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271705
|
- |
|
tibco
|
loglogic_unity
|
The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users to gain privileges, and consequently obtain sensitive information, via an HTTP request.
|
CWE-200
Information Exposure
|
CVE-2015-8090
|
2024-11-21 11:38 |
2015-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271706
|
- |
|
mayo_project
|
mayo
|
Cross-site scripting (XSS) vulnerability in the MAYO theme 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.6 for Drupal allows remote administrators with the "Administer themes" permission to inject …
|
CWE-79
Cross-site Scripting
|
CVE-2015-8233
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271707
|
- |
|
uc_profile_project
|
uc_profile
|
The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to profiles in certain circumstances, which might allow remote attackers to obtain sensitive information from th…
|
CWE-200
Information Exposure
|
CVE-2015-8232
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271708
|
- |
|
canonical
|
ubuntu_linux
|
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world-readable permissions for /var/lib/lxd/unix.socket, which allows local users to gain privileges via un…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8222
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271709
|
- |
|
google
|
picasa
|
Integer overflow in Google Picasa before 3.9.140 Build 259 allows remote attackers to execute arbitrary code via the CAMF section in a FOVb image, which triggers a heap-based buffer overflow.
|
CWE-119
CWE-189
Incorrect Access of Indexable Resource ('Range Error')
Numeric Errors
|
CVE-2015-8221
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271710
|
- |
|
solarwinds
|
dameware_mini_remote_control
|
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-8220
|
2024-11-21 11:38 |
2015-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
