Export limit exceeded: 24841 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24841 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7827 | 3 Botan Project, Debian, Fedoraproject | 3 Botan, Debian Linux, Fedora | 2025-04-12 | N/A |
| Botan before 1.10.13 and 1.11.x before 1.11.22 make it easier for remote attackers to conduct million-message attacks by measuring time differences, related to decoding of PKCS#1 padding. | ||||
| CVE-2015-7828 | 1 Sap | 1 Hana | 2025-04-12 | N/A |
| SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopydir, (2) fmkdir, (3) frmdir, (4) getenv, (5) dumpenv, (6) fcopy, (7) fput, (8) fdel, (9) fmove, (10) fget, (11) fappend, (12) fdir, (13) getTraces, (14) kill, (15) pexec, (16) stop, or (17) pythonexec method, aka SAP Security Note 2165583. | ||||
| CVE-2015-7830 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2025-04-12 | N/A |
| The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying. | ||||
| CVE-2015-7835 | 1 Xen | 1 Xen | 2025-04-12 | N/A |
| The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping. | ||||
| CVE-2015-7836 | 1 Siemens | 1 Ruggedcom Rugged Operating System | 2025-04-12 | N/A |
| Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by sniffing the network for VLAN data within the padding section of an Ethernet frame. | ||||
| CVE-2015-7838 | 1 Solarwinds | 1 Storage Manager | 2025-04-12 | N/A |
| ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows remote attackers to upload and execute arbitrary files via unspecified vectors. | ||||
| CVE-2015-7845 | 1 Huawei | 7 Espace Firmware, Espace Unified Gateway U1910, Espace Unified Gateway U1911 and 4 more | 2025-04-12 | N/A |
| The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V100R001C20SPH605 allows remote attackers to cause a denial of service (CLI outage) via crafted SSH packets. | ||||
| CVE-2015-7859 | 1 Joomla | 1 Joomla\! | 2025-04-12 | N/A |
| The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which allows remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-7884 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. | ||||
| CVE-2015-7885 | 1 Linux | 1 Linux Kernel | 2025-04-12 | N/A |
| The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application. | ||||
| CVE-2015-7886 | 1 Netapp | 1 Data Ontap | 2025-04-12 | N/A |
| NetApp Data ONTAP before 8.2.4P1, when 7-Mode and HTTP access are enabled, allows remote attackers to obtain sensitive volume information via unspecified vectors. | ||||
| CVE-2015-7900 | 1 Infinite Automation Systems | 1 Mango Automation | 2025-04-12 | N/A |
| Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 allows remote attackers to obtain sensitive debugging information by entering a crafted URL to trigger an exception, and then visiting a certain status page. | ||||
| CVE-2015-7902 | 1 Infinite Automation Systems | 1 Mango Automation | 2025-04-12 | N/A |
| Infinite Automation Mango Automation 2.5.x and 2.6.x before 2.6.0 build 430 provides different error messages for failed login attempts in unspecified circumstances, which allows remote attackers to obtain sensitive information via a series of requests. | ||||
| CVE-2015-7910 | 1 Exemys | 1 Telemetry Web Server | 2025-04-12 | N/A |
| Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this header and processing the response body. | ||||
| CVE-2015-7915 | 1 Sauter | 1 Moduweb Vision | 2025-04-12 | N/A |
| Sauter EY-WS505F0x0 moduWeb Vision before 1.6.0 sends cleartext credentials, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
| CVE-2015-7931 | 1 Adcon | 1 A840 Telemetry Gateway Base Station Firmware | 2025-04-12 | N/A |
| The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station does not authenticate the station device, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information by reading cleartext packet data, related to the lack of SSL support. | ||||
| CVE-2015-7926 | 1 Ewon | 1 Ewon Firmware | 2025-04-12 | N/A |
| eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests, which allows remote attackers to obtain sensitive information via an unspecified URL. | ||||
| CVE-2015-7929 | 1 Ewon | 1 Ewon Firmware | 2025-04-12 | N/A |
| eWON devices with firmware through 10.1s0 support unspecified GET requests, which might allow remote attackers to obtain sensitive information by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history. | ||||
| CVE-2015-7935 | 1 Motorola | 1 Moscad Ip Gateway Firmware | 2025-04-12 | N/A |
| Motorola Solutions MOSCAD IP Gateway allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2015-7934 | 1 Adcon | 1 A840 Telemetry Gateway Base Station Firmware | 2025-04-12 | N/A |
| The Java client in Adcon Telemetry A840 Telemetry Gateway Base Station allows remote attackers to discover log-file pathnames via unspecified vectors. | ||||