|
277871
|
- |
|
ecava
|
integraxor
|
Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local users to gain privileges via a renamed DLL in the default install directory.
|
NVD-CWE-Other
|
CVE-2015-0990
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277872
|
- |
|
inductiveautomation
|
ignition
|
Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-0976
|
2024-11-21 11:24 |
2015-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277873
|
- |
|
google
|
chrome
|
Race condition in gpu/command_buffer/service/gles2_cmd_decoder.cc in Google Chrome before 41.0.2272.118 allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspeci…
|
CWE-362
Race Condition
|
CVE-2015-1234
|
2024-11-21 11:24 |
2015-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277874
|
- |
|
google
|
chrome
|
Google Chrome before 41.0.2272.118 does not properly handle the interaction of IPC, the Gamepad API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors.
|
CWE-17
Code
|
CVE-2015-1233
|
2024-11-21 11:24 |
2015-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277875
|
- |
|
xzeres
|
442sr_os
442sr
|
Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote attackers to hijack the authentication of admins for requests that modify the default user's pa…
|
CWE-352
Origin Validation Error
|
CVE-2015-0985
|
2024-11-21 11:24 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277876
|
- |
|
honeywell
|
excel_web_xl_1000c1000_600_i\/o
excel_web_xl_1000c50u_52_i\/o_uukl
excel_web_xl_1000c500_300_i\/o_uukl
excel_web_xl_1000c1000_600_i\/o_uukl
excel_web_xl_1000c100_104_i\/o
excel_web_xl_…
|
Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C100 104 I/O, XL1000C500 300 I/O, XL1000C1000 600 I/O, XL1000C50U 52 I/O UUKL, XL1000C100U 104 I/O U…
|
CWE-22
Path Traversal
|
CVE-2015-0984
|
2024-11-21 11:24 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277877
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 store cleartext OPC User credentials in a configuration file, which allow…
|
CWE-200
Information Exposure
|
CVE-2015-0999
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277878
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 transmit cleartext credentials, which allows remote attackers to obtain s…
|
CWE-200
Information Exposure
|
CVE-2015-0998
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277879
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 provide an HMI user interface that lists all valid usernames, which makes…
|
CWE-200
Information Exposure
|
CVE-2015-0997
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277880
|
- |
|
schneider-electric
aveva
|
wonderware_intouch_2014
aveva_edge
|
Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 before 7.1.3.4 SP3 Patch 4 rely on a hardcoded cleartext password to control read access to Project …
|
CWE-200
Information Exposure
|
CVE-2015-0996
|
2024-11-21 11:24 |
2015-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
