|
275471
|
5.4 |
MEDIUM
Network
|
fortinet
|
fortimanager_firmware
|
Cross-site scripting (XSS) vulnerability in Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involvin…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3615
|
2024-11-21 11:29 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275472
|
7.5 |
HIGH
Network
|
fortinet
|
fortimanager_firmware
|
Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving another unspecified vulnerability.
|
CWE-200
Information Exposure
|
CVE-2015-3614
|
2024-11-21 11:29 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275473
|
7.5 |
HIGH
Network
|
mod_nss_project
|
mod_nss
|
The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring.
|
CWE-200
Information Exposure
|
CVE-2015-3277
|
2024-11-21 11:29 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275474
|
7.5 |
HIGH
Network
|
ntp
debian
suse
opensuse_project
opensuse
fedoraproject
redhat
|
ntp
debian_linux
suse_linux_enterprise_server
suse_linux_enterprise_desktop
fedora
enterprise_linux_for_scientific_computing
enterprise_linux_server_from_rhui_6
enterprise_linux_…
|
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is betwe…
|
CWE-331
Insufficient Entropy
|
CVE-2015-3405
|
2024-11-21 11:29 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275475
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The updateMessageStatus function in Android 5.1.1 and earlier allows local users to cause a denial of service (NULL pointer exception and process crash).
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-3839
|
2024-11-21 11:29 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275476
|
5.9 |
MEDIUM
Network
|
citrix
|
netscaler_application_delivery_controller
netscaler_gateway
|
The TLS and DTLS processing functionality in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway devices with firmware 9.x before 9.3 Build 68.5, 10.0 through Build 78.6, 10.…
|
CWE-200
Information Exposure
|
CVE-2015-3642
|
2024-11-21 11:29 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275477
|
9.8 |
CRITICAL
Network
|
nss_compat_ossl_project
|
nss_compat_ossl
|
The cipherstring parsing code in nss_compat_ossl while in multi-keyword mode does not match the expected set of ciphers for a given cipher combination, which allows attackers to have unspecified impa…
|
CWE-20
Improper Input Validation
|
CVE-2015-3278
|
2024-11-21 11:29 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275478
|
7.5 |
HIGH
Network
|
phpmybackuppro
|
phpmybackuppro
|
phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory…
|
CWE-94
Code Injection
|
CVE-2015-3640
|
2024-11-21 11:29 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275479
|
8.8 |
HIGH
Network
|
phpmybackuppro
|
phpmybackuppro
|
phpMyBackupPro 2.5 and earlier does not properly sanitize input strings, which allows remote authenticated users to execute arbitrary PHP code by storing a crafted string in a user configuration file.
|
CWE-20
Improper Input Validation
|
CVE-2015-3639
|
2024-11-21 11:29 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
275480
|
8.8 |
HIGH
Network
|
phpmybackuppro
|
phpmybackuppro
|
phpMyBackupPro before 2.5 does not validate integer input, which allows remote authenticated users to execute arbitrary PHP code by injecting scripts via the path, filename, and period parameters to …
|
CWE-94
Code Injection
|
CVE-2015-3638
|
2024-11-21 11:29 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
