|
277861
|
- |
|
newphoria_corporation
|
koritore
|
The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5635
|
2024-11-21 11:33 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277862
|
- |
|
newphoria_corporation
|
megaphone_music
|
The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5634
|
2024-11-21 11:33 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277863
|
- |
|
newphoria_corporation
|
auction_camera
|
The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5633
|
2024-11-21 11:33 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277864
|
- |
|
newphoria_corporation
|
applican
|
The runtime engine in the Newphoria applican framework before 1.12.3 for Android and before 1.12.2 for iOS allows attackers to bypass a whitelist.xml URL whitelist protection mechanism and obtain API…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5632
|
2024-11-21 11:33 |
2015-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277865
|
- |
|
dena
|
h20
|
Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.dir directive is enabled, allows remote attackers to read arbitrary files via a crafted URL.
|
CWE-22
Path Traversal
|
CVE-2015-5638
|
2024-11-21 11:33 |
2015-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277866
|
- |
|
apple
|
watchos
iphone_os
|
Apple iOS before 9 allows attackers to discover the e-mail address of a player via a crafted Game Center app.
|
CWE-200
Information Exposure
|
CVE-2015-5855
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277867
|
- |
|
apple
|
mac_os_x
iphone_os
|
The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not require an encrypted session, which allows local users to obtain cleartext multipeer data via an enc…
|
CWE-200
Information Exposure
|
CVE-2015-5851
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277868
|
- |
|
apple
|
iphone_os
|
AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of incorrect passcode attempts via a device backup.
|
CWE-254
7PK - Security Features
|
CVE-2015-5850
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277869
|
- |
|
apple
|
iphone_os
watchos
|
IOAcceleratorFamily in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5848
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277870
|
- |
|
apple
|
mac_os_x
watchos
iphone_os
|
The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-5847
|
2024-11-21 11:33 |
2015-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
