|
280931
|
- |
|
wavelink
|
connectpro
|
Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) service in Wavelink ConnectPro allows remote attackers to execute arbitrary code via a large HTTP header.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4060
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280932
|
- |
|
wavelink
|
terminal_emulation
|
Heap-based buffer overflow in the License Server (LicenseServer.exe) in Wavelink Terminal Emulation (TE) allows remote attackers to execute arbitrary code via a large HTTP header.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2015-4059
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280933
|
- |
|
ipsec-tools
canonical
fedoraproject
f5
debian
|
ipsec-tools
ubuntu_linux
fedora
big-ip_application_acceleration_manager
big-ip_local_traffic_manager
big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_access_policy_manage…
|
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.
|
CWE-476
NULL Pointer Dereference
|
CVE-2015-4047
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280934
|
- |
|
visual_mining
|
netcharts_server
|
projectContents.jsp in the Developer tools in Visual Mining NetCharts Server allows remote attackers to rename arbitrary files, and consequently execute them, via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-4032
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280935
|
- |
|
visualmining
|
netcharts_server
|
Directory traversal vulnerability in saveFile.jsp in the development installation in Visual Mining NetChart allows remote attackers to write to arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2015-4031
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280936
|
- |
|
sap
|
hana
|
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to read arbitrary files via an IMPORT FROM SQL statement, aka SAP Security Note 2109565.
|
CWE-200
Information Exposure
|
CVE-2015-3995
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280937
|
- |
|
sap
|
hana
|
The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to spoof log entries via a crafted request, ak…
|
CWE-20
Improper Input Validation
|
CVE-2015-3994
|
2024-11-21 11:30 |
2015-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280938
|
- |
|
milw0rm_project
|
milw0rm_clone_script
|
SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 allows remote attackers to execute arbitrary SQL commands via the program parameter.
|
CWE-89
SQL Injection
|
CVE-2015-4137
|
2024-11-21 11:30 |
2015-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280939
|
- |
|
roomcloud
|
roomcloud
|
Multiple cross-site scripting (XSS) vulnerabilities in roomcloud.php in the Roomcloud plugin before 1.3 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) pin, (2…
|
CWE-79
Cross-site Scripting
|
CVE-2015-3904
|
2024-11-21 11:30 |
2015-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
280940
|
- |
|
phpwind
|
phpwind
|
Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2015-4135
|
2024-11-21 11:30 |
2015-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
