|
275131
|
- |
|
sap
|
sap_netweaver_application_server_java
|
XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to send TCP requests to intranet servers or possibly have unspecified other impact via an XML request to t…
|
NVD-CWE-Other
|
CVE-2015-4091
|
2024-11-21 11:30 |
2015-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275132
|
- |
|
feedwordpress_project
|
feedwordpress
|
SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin before 2015.0514 for WordPress allows remote authenticated users to execute arbitrary SQL commands vi…
|
CWE-89
SQL Injection
|
CVE-2015-4018
|
2024-11-21 11:30 |
2015-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275133
|
- |
|
huawei
|
webui
e355s_mobile_wifi_firmware
|
Huawei E355s Mobile WiFi with firmware before 22.158.45.02.625 and WEBUI before 13.100.04.01.625 allows remote attackers to obtain sensitive configuration information by sniffing the network or sendi…
|
CWE-200
Information Exposure
|
CVE-2015-3912
|
2024-11-21 11:30 |
2015-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275134
|
- |
|
huawei
|
e587_mobile_wifi_firmware
|
Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows remote attackers to bypass authentication, change configurations, send messages, and cause a denial of service (device restart) via…
|
CWE-284
Improper Access Control
|
CVE-2015-3911
|
2024-11-21 11:30 |
2015-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275135
|
3.7 |
LOW
Network
|
openssl
canonical
hp
ibm
oracle
debian
suse
apple
mozilla
opera
microsoft
google
|
openssl
ubuntu_linux
hp-ux
content_manager
jrockit
debian_linux
jdk
jre
linux_enterprise_server
linux_enterprise_software_development_kit
linux_enterprise_desktop
sus…
|
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to c…
|
CWE-310
Cryptographic Issues
|
CVE-2015-4000
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275136
|
- |
|
valvesoftware
|
steam_client
|
The client detection protocol in Valve Steam allows remote attackers to cause a denial of service (process crash) via a crafted response to a broadcast packet.
|
CWE-20
Improper Input Validation
|
CVE-2015-4016
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275137
|
- |
|
piriform
|
ccleaner
|
Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting files, which allows local users to obtain sensitive information by searching unallocated disk space.
|
CWE-200
Information Exposure
|
CVE-2015-3999
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275138
|
- |
|
sonicwall
|
uma_em5000_firmware
global_management_system
analyzer
|
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configu…
|
CWE-19
Data Processing Errors
|
CVE-2015-3990
|
2024-11-21 11:30 |
2015-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275139
|
- |
|
google
|
v8
chrome
|
Multiple unspecified vulnerabilities in Google V8 before 4.3.61.21, as used in Google Chrome before 43.0.2357.65, allow attackers to cause a denial of service or possibly have other impact via unknow…
|
NVD-CWE-noinfo
|
CVE-2015-3910
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275140
|
- |
|
openstack
oracle
|
horizon
solaris
|
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0 allow remote authenticated users to inject arbitrary web script or HTML via the metadata to a (1) Glance …
|
CWE-79
Cross-site Scripting
|
CVE-2015-3988
|
2024-11-21 11:30 |
2015-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
