Search Results (5496 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-5632 1 Newphoria Corporation 1 Applican 2025-04-12 N/A
The runtime engine in the Newphoria applican framework before 1.12.3 for Android and before 1.12.2 for iOS allows attackers to bypass a whitelist.xml URL whitelist protection mechanism and obtain API access via unspecified vectors.
CVE-2015-5629 1 Ntt-bp 1 Japan Connected-free Wi-fi 2025-04-12 N/A
The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
CVE-2015-5633 1 Newphoria Corporation 1 Auction Camera 2025-04-12 N/A
The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
CVE-2015-5634 1 Newphoria Corporation 1 Megaphone Music 2025-04-12 N/A
The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
CVE-2015-5635 1 Newphoria Corporation 1 Koritore 2025-04-12 N/A
The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
CVE-2015-5636 1 Newphoria Corporation 1 Reversi 2025-04-12 N/A
The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
CVE-2015-5637 1 Newphoria Corporation 1 1.1 2025-04-12 N/A
The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.
CVE-2015-5640 1 Basercms 1 Basercms 2025-04-12 N/A
baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a crafted request.
CVE-2015-5645 1 Icz 1 Matchasns 2025-04-12 N/A
ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges via unspecified vectors.
CVE-2015-6265 1 Cisco 1 Application Control Engine 4700 2025-04-12 N/A
The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and earlier allows local users to bypass intended access restrictions, and read or write to files, by entering an unspecified CLI command with a crafted file as this command's input, aka Bug ID CSCur23662.
CVE-2015-6296 1 Cisco 1 Prime Network Registrar 2025-04-12 N/A
Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allows local users to obtain root access by leveraging knowledge of the credentials, aka Bug ID CSCuw21825.
CVE-2015-6306 3 Apple, Cisco, Linux 3 Mac Os X, Anyconnect Secure Mobility Client, Linux Kernel 2025-04-12 N/A
Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.
CVE-2015-6315 1 Cisco 1 Aironet Access Point Software 2025-04-12 N/A
Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via crafted CLI commands, aka Bug ID CSCuv79694.
CVE-2015-6322 1 Cisco 1 Anyconnect Secure Mobility Client 2025-04-12 N/A
The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local users to bypass intended access restrictions and move arbitrary files by leveraging the lack of source-path validation, aka Bug ID CSCuv48563.
CVE-2015-6333 1 Cisco 1 Application Policy Infrastructure Controller 2025-04-12 N/A
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.
CVE-2015-6335 1 Cisco 1 Firesight System Software 2025-04-12 N/A
The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote authenticated administrators to bypass intended policy restrictions and execute Linux commands as root via unspecified vectors, aka Bug ID CSCuw12839.
CVE-2015-6341 1 Cisco 1 Wireless Lan Controller Software 2025-04-12 N/A
The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices with software 7.4(140.0) and 8.0(120.0) allows remote attackers to cause a denial of service (client disconnection) via unspecified vectors, aka Bug ID CSCuw10610.
CVE-2015-6347 1 Cisco 1 Secure Access Control Server 2025-04-12 N/A
The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page.
CVE-2015-6348 1 Cisco 1 Secure Access Control Server 2025-04-12 N/A
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page.
CVE-2015-6362 1 Cisco 1 Connected Grid Network Management System 2025-04-12 N/A
The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640.