CVE List

Id CVE No. Status Description Phase Votes Comments Actions
78872  CVE-2015-1595  Candidate  The Siemens SPCanywhere application for Android and iOS does not use encryption during lookups of system ID to IP address mappings, which allows man-in-the-middle attackers to discover alarm IP addresses and spoof servers by intercepting the client-server data stream.  Assigned (20150213)  None (candidate not yet proposed)    View
13592  CVE-2005-2386  Candidate  Cross-site scripting (XSS) vulnerability in viewCart.asp in CartWIZ 1.20 allows remote attackers to inject arbitrary web script or HTML via the message parameter.  Assigned (20050727)  None (candidate not yet proposed)    View
79128  CVE-2015-1851  Candidate  OpenStack Cinder before 2014.1.5 (icehouse), 2014.2.x before 2014.2.4 (juno), and 2015.1.x before 2015.1.1 (kilo) allows remote authenticated users to read arbitrary files via a crafted qcow2 signature in an image to the upload-to-image command.  Assigned (20150217)  None (candidate not yet proposed)    View
13848  CVE-2005-2642  Candidate  Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext.  Assigned (20050821)  None (candidate not yet proposed)    View
79384  CVE-2015-2107  Candidate  HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS commands by leveraging SAP administrative privileges.  Assigned (20150227)  None (candidate not yet proposed)    View

Page 1902 of 20943, showing 5 records out of 104715 total, starting on record 9506, ending on 9510

Actions