|
212471
|
7.5 |
HIGH
Network
|
nodejs
|
node.js
|
Node.js 0.12.x before 0.12.9, 4.x before 4.2.3, and 5.x before 5.1.1 does not ensure the availability of a parser for each HTTP socket, which allows remote attackers to cause a denial of service (unc…
|
CWE-17
Code
|
CVE-2015-8027
|
2024-11-21 11:37 |
2016-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212472
|
5.8 |
MEDIUM
Network
|
corega
|
cg-wlncm4g_firmware
|
Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a denial of service (traffic amplification) via crafted queries.
|
CWE-20
Improper Input Validation
|
CVE-2015-7794
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212473
|
5.8 |
MEDIUM
Network
|
corega
|
cg-wlbaragm_firmware
|
Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to trigger outbound network traffic via unspecified vectors.
|
CWE-17
Code
|
CVE-2015-7793
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212474
|
9.8 |
CRITICAL
Network
|
corega
|
cg-wlbargs_firmware
|
Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7792
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212475
|
6.1 |
MEDIUM
Network
|
asus
|
wl-330nul_firmware
|
Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-7790
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212476
|
4.3 |
MEDIUM
Adjacent
|
asus
|
wl-33nul_firmware
wl-330nul
|
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to cause a denial of service via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2015-7789
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212477
|
7.3 |
HIGH
Network
|
asus
|
wl-330nul_firmware
|
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2015-7788
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212478
|
4.3 |
MEDIUM
Adjacent
|
asus
|
wl-330nul_firmware
|
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the WPA2-PSK passphrase via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2015-7787
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212479
|
4.3 |
MEDIUM
Network
|
bokublock
|
bbadminviewscontrol213
bbadminviewscontrol
|
SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2) BbAdminViewsControl plugin before 2.1 for EC-CUBE allows remote authenticated users to execute arbitr…
|
CWE-89
SQL Injection
|
CVE-2015-7784
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212480
|
6.1 |
MEDIUM
Network
|
let\'s_php\!
|
frame_high-speed_chat
|
Cross-site scripting (XSS) vulnerability in Let's PHP! Frame high-speed chat before 2015-09-22 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2015-7782
|
2024-11-21 11:37 |
2015-12-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
