|
271811
|
6.5 |
MEDIUM
Network
|
huawei
|
vcn500
|
Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading…
|
CWE-200
Information Exposure
|
CVE-2015-8335
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271812
|
7.1 |
HIGH
Network
|
huawei
|
vcn500
|
The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 allows remote authenticated users to change the IP address of the media server via crafted packets.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-8333
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271813
|
7.4 |
HIGH
Network
|
huawei
|
vcn500
|
The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200 does not properly invalidate the session ID when an "abnormal exit" occurs, which allows remote attack…
|
CWE-20
Improper Input Validation
|
CVE-2015-8331
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271814
|
7.5 |
HIGH
Network
|
huawei
|
espace_7950
espace_7910
|
Huawei eSpace 7910 and 7950 IP phones with software before V200R002C00SPC800 allow remote attackers with established sessions to cause a denial of service (device restart) via unspecified packets.
|
CWE-399
Resource Management Errors
|
CVE-2015-8231
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271815
|
7.5 |
HIGH
Network
|
huawei
|
espace_8950
|
Memory leak in Huawei eSpace 8950 IP phones with software before V200R003C00SPC300 allows remote attackers to cause a denial of service (memory consumption and restart) via a large number of crafted …
|
CWE-399
Resource Management Errors
|
CVE-2015-8230
|
2024-11-21 11:38 |
2016-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271816
|
4.6 |
MEDIUM
Physics
|
mozilla
|
firefox_os
|
The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by enterin…
|
CWE-284
Improper Access Control
|
CVE-2015-8512
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271817
|
6.4 |
MEDIUM
Physics
|
mozilla
|
firefox_os
|
Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors.
|
CWE-362
Race Condition
|
CVE-2015-8511
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271818
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox_os
|
Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary w…
|
CWE-79
Cross-site Scripting
|
CVE-2015-8510
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271819
|
6.1 |
MEDIUM
Network
|
getsymphony
|
symphony
|
Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.6.3 allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Navigation Group, or (3) Label parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2015-8376
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
271820
|
9.0 |
CRITICAL
Network
|
canonical
pygments
|
ubuntu_linux
pygments
|
The FontManager._get_nix_font_path function in formatters/img.py in Pygments 1.2.2 through 2.0.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a font name.
|
CWE-78
OS Command
|
CVE-2015-8557
|
2024-11-21 11:38 |
2016-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
