|
273451
|
- |
|
apple
|
iphone_os
|
SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen preview-disabled setting, and reply to an audio message, via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2015-5861
|
2024-11-21 11:34 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273452
|
- |
|
apple
|
iphone_os
watchos
|
The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remote attackers to bypass the Safari private-browsing protection mechanism and track users via a crafte…
|
CWE-200
Information Exposure
|
CVE-2015-5860
|
2024-11-21 11:34 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273453
|
- |
|
apple
|
iphone_os
watchos
|
The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HSTS protection mechanism, and consequently obtain sensitive information, via a crafted URL.
|
CWE-200
Information Exposure
|
CVE-2015-5858
|
2024-11-21 11:34 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273454
|
- |
|
apple
|
iphone_os
|
Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mail sender address via unspecified vectors.
|
CWE-254
7PK - Security Features
|
CVE-2015-5857
|
2024-11-21 11:34 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273455
|
- |
|
apple
|
iphone_os
|
The Application Store component in Apple iOS before 9 allows remote attackers to cause a denial of service to an enterprise-signed app via a crafted ITMS URL.
|
CWE-254
7PK - Security Features
|
CVE-2015-5856
|
2024-11-21 11:34 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273456
|
- |
|
typo3
|
typo3
|
The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before 7.4.0, 4.5.40, and earlier allows remote authenticated users to bypass the XSS filter and conduct cross-site scripting (XSS) attac…
|
CWE-79
Cross-site Scripting
|
CVE-2015-5956
|
2024-11-21 11:34 |
2015-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273457
|
- |
|
impero
|
impero_education_pro
|
Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication, which allows remote attackers to execute arbitrary programs via an encrypted command.
|
CWE-287
Improper Authentication
|
CVE-2015-5998
|
2024-11-21 11:34 |
2015-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273458
|
- |
|
impero
|
impero_education_pro
|
Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a hash of the Imp3ro string, which makes it easier for remote attackers to obtain plaintext data by sn…
|
NVD-CWE-Other
|
CVE-2015-5997
|
2024-11-21 11:34 |
2015-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273459
|
- |
|
cisco
|
web_security_virtual_appliance
|
Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-6290
|
2024-11-21 11:34 |
2015-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
273460
|
- |
|
cisco
|
content_security_management_appliance
|
Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application…
|
CWE-399
Resource Management Errors
|
CVE-2015-6288
|
2024-11-21 11:34 |
2015-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
