|
272491
|
- |
|
arris
|
na_model_862_gw_mono_firmware
|
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 all…
|
CWE-352
Origin Validation Error
|
CVE-2015-7291
|
2024-11-21 11:36 |
2015-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272492
|
- |
|
arris
|
na_model_862_gw_mono_firmware
|
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 allows rem…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7290
|
2024-11-21 11:36 |
2015-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272493
|
- |
|
arris
|
na_model_862_gw_mono_firmware
|
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remot…
|
CWE-255
Credentials Management
|
CVE-2015-7289
|
2024-11-21 11:36 |
2015-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272494
|
- |
|
open-xchange
|
ox_guard
|
Cross-site scripting (XSS) vulnerability in Open-Xchange OX Guard before 2.0.0-rev11 allows remote attackers to inject arbitrary web script or HTML via the uid field in a PGP public key, which is not…
|
CWE-79
Cross-site Scripting
|
CVE-2015-7385
|
2024-11-21 11:36 |
2015-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272495
|
- |
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service (use-aft…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2015-7312
|
2024-11-21 11:36 |
2015-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272496
|
- |
|
ibm
|
datapower_gateway
|
IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspe…
|
CWE-200
Information Exposure
|
CVE-2015-7427
|
2024-11-21 11:36 |
2015-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272497
|
- |
|
ibm
|
websphere_portal
|
IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests.
|
CWE-399
Resource Management Errors
|
CVE-2015-7419
|
2024-11-21 11:36 |
2015-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272498
|
- |
|
ibm
|
tivoli_storage_manager_for_databases_data_protection_for_microsoft_sql_server
tivoli_storage_manager_for_mail_data_protection_for_microsoft_exchange_server
tivoli_storage_flashcopy_manager
|
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.…
|
CWE-200
Information Exposure
|
CVE-2015-7404
|
2024-11-21 11:36 |
2015-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272499
|
- |
|
qemu
fedoraproject
debian
|
qemu
fedora
debian_linux
|
hw/virtio/virtio.c in the Virtual Network Device (virtio-net) support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to cause a denial of service (guest net…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-7295
|
2024-11-21 11:36 |
2015-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272500
|
- |
|
ibm
|
datapower_gateway
|
The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x before 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext da…
|
CWE-200
Information Exposure
|
CVE-2015-7412
|
2024-11-21 11:36 |
2015-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
