|
279601
|
9.8 |
CRITICAL
Network
|
cisco
|
identity_services_engine_software
|
The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attackers to obtain administrativ…
|
NVD-CWE-noinfo
|
CVE-2015-6323
|
2024-11-21 11:34 |
2016-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279602
|
7.5 |
HIGH
Network
|
cisco
|
aironet_access_point_software
|
The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) allows remote attackers to cause a denial of service via a crafted header in an IP packet, aka Bug …
|
CWE-399
Resource Management Errors
|
CVE-2015-6320
|
2024-11-21 11:34 |
2016-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279603
|
9.8 |
CRITICAL
Network
|
cisco
|
wireless_lan_controller_software
|
Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via unspecified vectors, aka Bu…
|
CWE-287
Improper Authentication
|
CVE-2015-6314
|
2024-11-21 11:34 |
2016-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279604
|
6.1 |
MEDIUM
Network
|
microsoft
|
sharepoint_foundation
sharepoint_server
|
Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated users to bypass intended Access Control Policy restrictions and conduct cross-site scripting (XSS) a…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6117
|
2024-11-21 11:34 |
2016-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279605
|
6.1 |
MEDIUM
Network
|
cisco
|
prime_infrastructure
|
Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks and unspecified other attacks via a crafted we…
|
CWE-79
Cross-site Scripting
|
CVE-2015-6434
|
2024-11-21 11:34 |
2016-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279606
|
6.5 |
MEDIUM
Network
|
cisco
|
unified_communications_manager
|
SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCut66767.
|
CWE-89
SQL Injection
|
CVE-2015-6433
|
2024-11-21 11:34 |
2016-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279607
|
7.5 |
HIGH
Network
|
cisco
|
ios_xr
|
Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly restrict the number of Path Computation Elements (PCEs) for OSPF LSA opaque area updates, which allows…
|
CWE-399
Resource Management Errors
|
CVE-2015-6432
|
2024-11-21 11:34 |
2016-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279608
|
8.8 |
HIGH
Network
|
zyxel
|
gs1900-10hp_firmware
|
Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users.
|
CWE-352
Origin Validation Error
|
CVE-2015-5990
|
2024-11-21 11:34 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279609
|
9.8 |
CRITICAL
Network
|
zyxel
|
gs1900-10hp_firmware
|
Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization, which allows remote attackers to obtain administrative privileges via certain changes to LockStat…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-5989
|
2024-11-21 11:34 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279610
|
9.8 |
CRITICAL
Network
|
zyxel
|
gs1900-10hp_firmware
|
The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password, which allows remote attackers to obtain administrative privileges by leveraging a LAN session.
|
CWE-255
Credentials Management
|
CVE-2015-5988
|
2024-11-21 11:34 |
2016-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
