CVE-2015-5428

This is an entry in the Common Vulnerability Index under number CVE-2015-5428. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-5428

Description: HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2015-5427 and CVE-2015-5429.

Continue Reading …

CVE-2015-3350

This is an entry in the Common Vulnerability Index under number CVE-2015-3350. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-3350

Description: Cross-site request forgery (CSRF) vulnerability in the Todo Filter module before 6.x-1.1 and 7.x-1.x before 7.x-1.1 for Drupal allows remote attackers to hijack the authentication of arbitrary users for requests that toggle a task via unspecified vectors.

Continue Reading …

CVE-2015-2906

This is an entry in the Common Vulnerability Index under number CVE-2015-2906. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-2906

Description: ** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, store SSH private keys that are the same across different customers’

Continue Reading …

CVE-2015-0722

This is an entry in the Common Vulnerability Index under number CVE-2015-0722. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-0722

Description: The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before 7.3.2 allow remote attackers to cause a denial of service (process restart or device reload) via a flood of crafted IP packets,

Continue Reading …

CVE-2015-0502

This is an entry in the Common Vulnerability Index under number CVE-2015-0502. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-0502

Description: Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1 and 8.2 allows remote attackers to affect integrity via unknown vectors related to Portal Framework.

Continue Reading …

CVE-2015-6310

This is an entry in the Common Vulnerability Index under number CVE-2015-6310. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-6310

Description: The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows remote attackers to cause a denial of service (SIP proxy service restart) via a crafted HTTP request,

Continue Reading …

CVE-2015-8710

This is an entry in the Common Vulnerability Index under number CVE-2015-8710. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-8710

Description: The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and application crash),

Continue Reading …

CVE-2015-7820

This is an entry in the Common Vulnerability Index under number CVE-2015-7820. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-7820

Description: Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain privileged-account access,

Continue Reading …

CVE-2015-8074

This is an entry in the Common Vulnerability Index under number CVE-2015-8074. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-8074

Description: mediaserver in Android before 5.1.1 LMY48X allows remote attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, aka internal bugs 23540907 and 23515142,

Continue Reading …

CVE-2015-2188

This is an entry in the Common Vulnerability Index under number CVE-2015-2188. Specific details regarding this vulnerability name are as follows:

CVE Number: CVE-2015-2188

Description: epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.

Continue Reading …