13 matches found
CVE-2015-8651
CVE-2015-8651 is an Adobe Flash Player vulnerability described as an integer overflow that enables remote code execution. The initial entry lists affected Flash Player versions on Windows, OS X, and Linux, and notes exploitation to run arbitrary code via unspecified vectors. Connected sources con...
CVE-2015-3113
CVE-2015-3113 is a heap-based buffer overflow in Adobe Flash Player affecting Windows/macOS Flash parsing of FLV data, exploited in the wild in June 2015. Affected versions: Flash Player before 13.0.0.296, and 14.x up to 18.x before 18.0.0.194 on Windows/macOS; before 11.2.202.468 on Linux. The f...
CVE-2015-5410
HP Version Control Repository Manager (VCRM) prior to 7.5.0 is affected by multiple vulnerabilities including CVE-2015-5410, where remote authenticated users can execute arbitrary code or cause a denial of service via unspecified vectors. The HP Security Bulletin HPSBMU03396 (rev.1, 2015-08-24) d...
CVE-2015-5409
HP Version Control Repository Manager (VCRM) prior to 7.5.0 is affected by CVE-2015-5409: an unspecified buffer overflow due to improper validation of user-supplied input. A remote, authenticated attacker could cause a denial of service or execute arbitrary code. Remediation: upgrade to version 7...
CVE-2015-5413
Affected product: HP Version Control Repository Manager (VCRM) prior to version 7.5.0. Vulnerability: remote authenticated users can gain privileges and access sensitive information via unspecified vectors (privilege escalation and information disclosure). Impact (as described): potential unautho...
CVE-2015-5411
CVE-2015-5411 affects HP Version Control Repository Manager (VCRM) prior to 7.5.0, enabling remote authenticated users to obtain sensitive information via unspecified vectors. The vulnerability is part of multiple issues documented in HP’s HPSBMU03396 bulletin; remediation is to upgrade to VCRM 7...
CVE-2015-5412
HP Version Control Repository Manager (VCRM) before version 7.5.0 is affected by a Cross‑Site Request Forgery (CSRF) vulnerability that allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. Multiple connected sources corroborate the CSRF impact...
CVE-2005-2076
CVE-2005-2076 affects HP Version Control Repository Manager (VCRM) prior to 2.1.1.730. The root cause is improper handling of the '@' character in a proxy password, which could allow attackers with physical access to see portions of the password when it is displayed on screen. Multiple connected ...
CVE-2010-3994
The CVE-2010-3994 issue affects HP Version Control Repository Manager (VCRM) before 6.2. It is a remote cross-site scripting (XSS) vulnerability allowing an attacker to inject arbitrary scripts/HTML via unspecified vectors. The NVD entry lists CVSSv2 base metrics as 4.3 (Medium) with no confident...
CVE-2016-8513
CVE-2016-8513 describes a CSRF vulnerability in HPE Version Control Repository Manager (VCRM) affecting all versions prior to 7.6. A remote attacker could exploit this by convincing a user to follow a crafted link or HTML page to perform unauthorized actions. The vulnerability’s impact is indicat...
CVE-2016-8514
CVE-2016-8514 is an information-disclosure vulnerability in HP Version Control Repository Manager (VCRM). The affected product is HPE VCRM, with all versions before 7.6.0 reported as susceptible. The connected sources describe a remote disclosure vulnerability enabling an attacker to obtain poten...
CVE-2016-8515
CVE-2016-8515 is a remote vulnerability in HP Version Control Repository Manager (VCRM) prior to version 7.6.0 that allows an attacker to upload arbitrary files. The connected documents consistently describe this as a vulnerability in VCRM versions before 7.6.0. The exact root cause details are n...
CVE-2017-5787
HPE Version Control Repository Manager (VCRM) before version 7.6 is affected by a remote denial-of-service vulnerability (CVE-2017-5787). The provided documents identify a network-exposed vector and a DoS impact but do not specify a confirmed remediation, patch version, or exploitable details. No...