|
277591
|
- |
|
xzeres
|
442sr_os
442sr
|
Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that modify the default user's pa…
|
CWE-352
Origin Validation Error
|
CVE-2015-0985
|
2024-11-21 11:24 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277592
|
- |
|
honeywell
|
excel_web_xl_1000c1000_600_i\/o
excel_web_xl_1000c50u_52_i\/o_uukl
excel_web_xl_1000c500_300_i\/o_uukl
excel_web_xl_1000c1000_600_i\/o_uukl
excel_web_xl_1000c100_104_i\/o
excel_web_xl_…
|
Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O U…
|
CWE-22
Path Traversal
|
CVE-2015-0984
|
2024-11-21 11:24 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277593
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allow…
|
CWE-200
Information Exposure
|
CVE-2015-0999
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277594
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain s…
|
CWE-200
Information Exposure
|
CVE-2015-0998
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277595
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes…
|
CWE-200
Information Exposure
|
CVE-2015-0997
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277596
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project …
|
CWE-200
Information Exposure
|
CVE-2015-0996
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277597
|
- |
|
inetc_project
|
inetc
|
The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as used in CERT/CC Failure Observation Engine (FOE) and other products, does not verify X.509 certificates from SSL servers, which allo…
|
CWE-310
Cryptographic Issues
|
CVE-2015-0941
|
2024-11-21 11:24 |
2015-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277598
|
- |
|
apple
|
iphone_os
safari
|
The user interface in WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, does not display URLs consistently, which makes it easier for remote attackers to conduct p…
|
CWE-17
Code
|
CVE-2015-1084
|
2024-11-21 11:24 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277599
|
- |
|
apple
|
itunes
safari
tvos
iphone_os
|
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application…
|
CWE-399
Resource Management Errors
|
CVE-2015-1083
|
2024-11-21 11:24 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277600
|
- |
|
apple
|
itunes
safari
iphone_os
tvos
|
WebKit, as used in Apple Safari before 6.2.4, 7.x before 7.1.4, and 8.x before 8.0.4, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application…
|
CWE-399
Resource Management Errors
|
CVE-2015-1082
|
2024-11-21 11:24 |
2015-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
