|
277781
|
- |
|
antlabs
|
inngate_ig_3.10_g
inngate_ig_3.10_e
inngate_ig_3.00_e
inngate_ig_3.01_e
inngate_ig_3100
inngate_ig_3101
inngate_ig_3.02_e
|
The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0932
|
2024-11-21 11:24 |
2015-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277782
|
- |
|
inductiveautomation
|
ignition
|
Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-dependent attackers to obtain access via a brute-force attack.
|
CWE-255
Credentials Management
|
CVE-2015-0995
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277783
|
- |
|
inductiveautomation
|
ignition
|
Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protection mechanism by using different session ID values in a series of HTTP requests.
|
CWE-254
7PK - Security Features
|
CVE-2015-0994
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277784
|
- |
|
inductiveautomation
|
ignition
|
Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.
|
CWE-254
7PK - Security Features
|
CVE-2015-0993
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277785
|
- |
|
inductiveautomation
|
ignition
|
Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local users to obtain sensitive information via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-0992
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277786
|
- |
|
inductiveautomation
|
ignition
|
Inductive Automation Ignition 7.7.2 allows remote attackers to obtain sensitive information by reading an error message about an unhandled exception, as demonstrated by pathname information.
|
CWE-200
Information Exposure
|
CVE-2015-0991
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277787
|
- |
|
ecava
|
integraxor
|
Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory.
|
NVD-CWE-Other
|
CVE-2015-0990
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277788
|
- |
|
inductiveautomation
|
ignition
|
Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0976
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277789
|
- |
|
google
|
chrome
|
Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspeci…
|
CWE-362
Race Condition
|
CVE-2015-1234
|
2024-11-21 11:24 |
2015-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277790
|
- |
|
google
|
chrome
|
Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-17
Code
|
CVE-2015-1233
|
2024-11-21 11:24 |
2015-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
