CVE-2015-4761
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Memcached...
UBUNTU-CVE-2015-4737
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Pluggable Auth...
UBUNTU-CVE-2015-4772
Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition...
Cross-site request forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MSE 8000 devices allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuu90444...
Design/Logic Flaw
The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x through 7.1.1.x before 7.1.1.5 and 7.2.0.x before 7.2.0.2 allows remote authenticated users to execute arbitrary commands with root privileges via unspecified vectors...
CVE-2015-0547
EMC Documentum D2 is affected by CVE-2015-0547 due to DQL injection in the D2CenterstageService.getComments method. The vulnerability affects D2 versions 4.1 and 4.2 prior to 4.2 P16 and 4.5 prior to P03, enabling remote authenticated users to bypass read-access restrictions and potentially discl...
CVE-2015-4238
The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.47 and 8.61.2 allows remote authenticated users to cause a denial of service (device reload) by sending many SNMP requests during a time of high network traffic, aka Bug ID CSCul02601...
CVE-2015-4233
SQL injection vulnerability in Cisco Unified MeetingPlace 8.61.2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuu54037...
FreeRADIUS Certificate Improperly Validated Revocation of Intermediate CA Certificate Vulnerability
FreeRADIUS is open-source software based on the RADIUS protocol that implements the RADIUS AAA (Authentication, Authorization, Accounting) functions. FreeRADIUS fails to correctly detect the intermediate CA certificate, allowing remote users with an intermediate CA issued a certifica...
CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders
CVEID: CVE-2015-4464 SUBJECT: Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders DESCRIPTION: A deficiency in handling authentication and authorization has been found with Kguard 104/108/v2 models. While password-based authentication...
CVE-2015-4222
SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.11 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCuq46325...
Kguard Digital Video Recorder Bypass Issues Vulnerability
A deficiency in handling authentication and authorization has been found with Kguard 104/108/v2 models. While password-based authentication is used by the ActiveX component to protect the login page, all the communication to the application server at port 9000 allows data to be communicated...
CVE-2015-4219
Cisco Secure Access Control System before 5.40.46.2 and 5.5 before 5.50.46 and Cisco Identity Services Engine 1.04.573 do not properly implement access control for support bundles, which allows remote authenticated users to obtain sensitive information via brute-force attempts to send valid...
CVE-2015-4214
Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) are affected by an information-disclosure vulnerability that lets an authenticated remote user read HTML source to obtain plaintext passwords (Bug CSCuu33050). The issue arises from how passwords are exposed in page source, enabling plaintext discl...
CVE-2015-4213
Cisco NX-OS 1.11g on Nexus 9000 devices allows remote authenticated users to discover cleartext passwords by leveraging the existence of a decryption mechanism, aka Bug ID CSCuu84391...
CVE-2015-3231
The Render cache system in Drupal 7.x before 7.38, when used to cache content by user role, allows remote authenticated users to obtain private content viewed by user 1 by reading the cache...
OS Command Injection in Vesta Control Panel
Advisory ID: HTB23261 Product: Vesta Control Panel Vendor: http://vestacp.com Vulnerable Versions: 0.9.8 and probably prior Tested Version: 0.9.8 Advisory Publication: May 20, 2015 without technical details Vendor Notification: May 20, 2015 Vendor Patch: June 3, 2015 Public Disclosure: June 17,...
Cross-site scripting
Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x before 7.x-1.5 for Drupal allows remote authenticated users with the "Administer Trick Question" permission to inject arbitrary web script or HTML via unspecified vectors...
CVE-2015-4356
Cross-site scripting (XSS) vulnerability in the view-based webform results table in the Webform module 7.x-4.x before 7.x-4.4 for Drupal allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via a webform...
The vulnerability of Siemens Ruggedcom WIN52 microprogramming software allows an intruder to gain access to the switch with administrator privileges.
The vulnerability of Siemens Ruggedcom WIN52 microprogramming software may allow a malicious actor to bypass authentication procedures when using remote control services and gain access to the switch with administrator privileges...