CVE-2015-1526
The media_server component in Android allows remote attackers to cause a denial of service via a crafted application.
Source: CVE-2015-1526
[월:] 2017년 09월
CVE-2015-8249
CVE-2015-8249
The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execute arbitrary files via the ConnectionId parameter.
Source: CVE-2015-8249
CVE-2015-3138
CVE-2015-3138
print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash).
Source: CVE-2015-3138
CVE-2015-3643
CVE-2015-3643
usb-creator before 0.2.38.3ubuntu0.1 on Ubuntu 12.04 LTS, before 0.2.56.3ubuntu0.1 on Ubuntu 14.04 LTS, before 0.2.62ubuntu0.3 on Ubuntu 14.10, and before 0.2.67ubuntu0.1 on Ubuntu 15.04 allows local users to gain privileges by leveraging a missing call check_polkit for the KVMTest method.
Source: CVE-2015-3643
CVE-2015-7349
CVE-2015-7349
Cross-site scripting (XSS) vulnerability in the sample feedback.inc file in VASCO DIGIPASS authentication plug-in for Citrix Web Interface allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter.
Source: CVE-2015-7349
CVE-2015-7256
CVE-2015-7256
ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, NWA1123-NI Access Points, P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, VSG1435-B101 DSL CPEs, PMG5318-B20A GPON, SBG3300-N000, SBG3300-NB00, SBG3500-N000 Small Business Gateways, GS1900-8, GS1900-24 Switchs, and C1000Z, Q1000, FR1000Z, P8702N Project Models use non-unique X.509 certificates and SSH host keys.
Source: CVE-2015-7256
CVE-2017-10932
CVE-2017-10932
All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products – NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a crafted RMI request to execute arbitrary code on the target host.
Source: CVE-2017-10932
CVE-2015-5613
CVE-2015-5613
Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving a file title, a different vulnerability than CVE-2015-5612.
Source: CVE-2015-5613
CVE-2017-14761 (genixcms)
CVE-2017-14761 (genixcms)
In GeniXCMS 1.1.4, /inc/lib/backend/menus.control.php has XSS via the id parameter.
Source: CVE-2017-14761 (genixcms)
CVE-2017-14762 (genixcms)
CVE-2017-14762 (genixcms)
In GeniXCMS 1.1.4, /inc/lib/Control/Backend/menus.control.php has XSS via the id parameter.
Source: CVE-2017-14762 (genixcms)