|
272721
|
6.7 |
MEDIUM
Local
|
rsa
|
securid_web_agent
|
EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-screen protection mechanism by leveraging an unattended workstation and running DOM Inspector.
|
CWE-284
Improper Access Control
|
CVE-2015-6851
|
2024-11-21 11:35 |
2015-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272722
|
5.3 |
MEDIUM
Network
|
eaton
|
proview
|
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS relays does not properly initialize padding fields in Ethernet packets, which allows remote attacker…
|
CWE-200
Information Exposure
|
CVE-2015-6471
|
2024-11-21 11:35 |
2015-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272723
|
8.3 |
HIGH
Network
|
moxa
|
oncell_central_manager
|
The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a hardcoded root password, which allows remote attackers to obtain administrative access via a login se…
|
NVD-CWE-Other
|
CVE-2015-6481
|
2024-11-21 11:35 |
2015-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272724
|
8.3 |
HIGH
Network
|
moxa
|
oncell_central_manager
|
The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authentication, which allows remote attackers to obtain administrative access via a command, as demonstrate…
|
CWE-287
Improper Authentication
|
CVE-2015-6480
|
2024-11-21 11:35 |
2015-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272725
|
7.3 |
HIGH
Network
|
vmware
|
vcenter_orchestrator
vrealize_orchestrator
|
Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow…
|
CWE-20
Improper Input Validation
|
CVE-2015-6934
|
2024-11-21 11:35 |
2015-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272726
|
- |
|
symantec
|
endpoint_encryption
|
EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption (SEE) before 11.1.0 allows remote authenticated users to discover credentials by triggering a memory dump.
|
CWE-200
Information Exposure
|
CVE-2015-6556
|
2024-11-21 11:35 |
2015-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272727
|
- |
|
google
|
chrome
|
Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
|
NVD-CWE-noinfo
|
CVE-2015-6791
|
2024-11-21 11:35 |
2015-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272728
|
- |
|
google
|
chrome
|
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities, whi…
|
CWE-20
Improper Input Validation
|
CVE-2015-6790
|
2024-11-21 11:35 |
2015-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272729
|
- |
|
google
|
chrome
|
Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have un…
|
CWE-362
NVD-CWE-Other
Race Condition
|
CVE-2015-6789
|
2024-11-21 11:35 |
2015-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272730
|
- |
|
google
|
chrome
|
The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, wh…
|
NVD-CWE-Other
|
CVE-2015-6788
|
2024-11-21 11:35 |
2015-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
