|
277661
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary files via crafted IPC messages, aka Bug ID CSCus79173.
|
CWE-22
Path Traversal
|
CVE-2015-0665
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277662
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0663
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277663
|
- |
|
cisco
|
anyconnect_secure_mobility_client
|
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-0662
|
2024-11-21 11:23 |
2015-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277664
|
- |
|
fedoraproject
suse
opensuse
|
fedora
opensuse_osc
opensuse
|
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
|
CWE-77
Command Injection
|
CVE-2015-0778
|
2024-11-21 11:23 |
2015-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277665
|
- |
|
cisco
|
telepresence_server_software
|
Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which allows local users to execute arbitrary OS commands as root by leveraging vSphere controller admini…
|
CWE-284
Improper Access Control
|
CVE-2015-0660
|
2024-11-21 11:23 |
2015-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277666
|
- |
|
cisco
|
intrusion_prevention_system
|
Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of servic…
|
CWE-362
Race Condition
|
CVE-2015-0654
|
2024-11-21 11:23 |
2015-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277667
|
- |
|
cisco
|
expressway_software
telepresence_conductor
telepresence_video_communication_server_software
|
The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before X2…
|
CWE-287
Improper Authentication
|
CVE-2015-0653
|
2024-11-21 11:23 |
2015-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277668
|
- |
|
cisco
|
expressway_software
telepresence_conductor
telepresence_video_communication_server_software
|
The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows remo…
|
CWE-20
Improper Input Validation
|
CVE-2015-0652
|
2024-11-21 11:23 |
2015-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277669
|
- |
|
emc
|
secure_remote_services
|
The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2015-0525
|
2024-11-21 11:23 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277670
|
- |
|
emc
|
secure_remote_services
|
SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary SQL commands via uns…
|
CWE-89
SQL Injection
|
CVE-2015-0524
|
2024-11-21 11:23 |
2015-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
