|
280381
|
- |
|
sap
|
clinical_task_tracker
emr_unwired
|
SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt) does not properly restrict access, which allows remote attackers to change the backendurl,…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2814
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280382
|
- |
|
sap
|
mobile_platform
|
XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358.
|
NVD-CWE-Other
|
CVE-2015-2813
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280383
|
- |
|
sap
|
netweaver_enterprise_portal
|
XML external entity (XXE) vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Secur…
|
NVD-CWE-Other
|
CVE-2015-2812
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280384
|
- |
|
sap
|
netweaver_enterprise_portal
|
XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Not…
|
NVD-CWE-Other
|
CVE-2015-2811
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280385
|
- |
|
debian
xen
fedoraproject
canonical
|
debian_linux
xen
fedora
ubuntu_linux
|
QEMU, as used in Xen 3.3.x through 4.5.x, does not properly restrict access to PCI command registers, which might allow local HVM guest users to cause a denial of service (non-maskable interrupt and …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-2756
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280386
|
- |
|
ab_google_map_travel_project
|
ab_google_map_travel
|
Multiple cross-site request forgery (CSRF) vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators f…
|
CWE-352
Origin Validation Error
|
CVE-2015-2755
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280387
|
- |
|
synology
|
diskstation_manager
|
The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote attack…
|
CWE-200
Information Exposure
|
CVE-2015-2809
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280388
|
- |
|
oracle
debian
redhat
suse
opensuse
canonical
fujitsu
huawei
ibm
|
http_server
integrated_lights_out_manager_firmware
communications_application_session_controller
communications_policy_management
debian_linux
enterprise_linux_desktop
enterprise_li…
|
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to cond…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2015-2808
|
2024-11-21 11:28 |
2015-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280389
|
- |
|
debian
gaia-gis
|
debian_linux
freexl
|
The parse_SST function in FreeXL before 1.0.0i allows remote attackers to cause a denial of service (memory consumption) via a crafted shared strings table in a workbook.
|
CWE-20
Improper Input Validation
|
CVE-2015-2776
|
2024-11-21 11:28 |
2015-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280390
|
- |
|
wpml
|
wpml
|
The WPML plugin before 3.1.9 for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request con…
|
CWE-284
Improper Access Control
|
CVE-2015-2792
|
2024-11-21 11:28 |
2015-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
