Vulnerabilities (CVE)

Filtered by CWE-254
Total 409 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-4498 1 Mozilla 1 Firefox 2024-11-21 7.5 HIGH N/A
The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 allows remote attackers to bypass an intended user-confirmation requirement by constructing a crafted data: URL and triggering navigation to an arbitrary http: or https: URL at a certain early point in the installation process.
CVE-2015-4476 2 Google, Mozilla 2 Android, Firefox 2024-11-21 4.3 MEDIUM N/A
Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar attributes by leveraging lack of navigation after a paste of a URL with a nonstandard scheme, as demonstrated by spoofing an SSL attribute.
CVE-2015-4112 1 Blackberry 1 Enterprise Server 2024-11-21 4.3 MEDIUM N/A
The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.
CVE-2015-3996 1 Afnetworking Project 1 Afnetworking 2024-11-21 4.3 MEDIUM N/A
The default AFSecurityPolicy.validatesDomainName configuration for AFSSLPinningModeNone in the AFNetworking framework before 2.5.3, as used in the ownCloud iOS Library, disables verification of a server hostname against the domain name in the subject's Common Name (CN) of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
CVE-2015-3973 1 Janitza 5 Umg 508, Umg 509, Umg 511 and 2 more 2024-11-21 5.0 MEDIUM N/A
Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes it easier for remote attackers to determine a PIN value via unspecified computations on session-token values.
CVE-2015-3972 1 Janitza 5 Umg 508, Umg 509, Umg 511 and 2 more 2024-11-21 10.0 HIGH N/A
The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices supports only short PIN values for authentication, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2015-3900 4 Oracle, Redhat, Ruby-lang and 1 more 4 Solaris, Enterprise Linux, Ruby and 1 more 2024-11-21 5.0 MEDIUM N/A
RubyGems 2.0.x before 2.0.16, 2.2.x before 2.2.4, and 2.4.x before 2.4.7 does not validate the hostname when fetching gems or making API requests, which allows remote attackers to redirect requests to arbitrary domains via a crafted DNS SRV record, aka a "DNS hijack attack."
CVE-2015-3756 1 Apple 1 Iphone Os 2024-11-21 2.1 LOW N/A
The Certificate UI in Apple iOS before 8.4.1 does not prevent X.509 certificate acceptance within the lock screen, which allows physically proximate attackers to establish arbitrary certificate trust relationships by completing a dialog.
CVE-2015-3755 1 Apple 2 Iphone Os, Safari 2024-11-21 4.3 MEDIUM N/A
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to spoof the user interface via a malformed URL.
CVE-2015-3751 1 Apple 2 Iphone Os, Safari 2024-11-21 5.0 MEDIUM N/A
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, allows remote attackers to bypass a Content Security Policy protection mechanism by using a video control in conjunction with an IMG element within an OBJECT element.
CVE-2015-3750 1 Apple 2 Iphone Os, Safari 2024-11-21 6.4 MEDIUM N/A
WebKit in Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not enforce the HTTP Strict Transport Security (HSTS) protection mechanism for Content Security Policy (CSP) report requests, which allows man-in-the-middle attackers to obtain sensitive information by sniffing the network or spoof a report by modifying the client-server data stream.
CVE-2015-3729 1 Apple 2 Iphone Os, Safari 2024-11-21 4.3 MEDIUM N/A
Apple Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, as used in iOS before 8.4.1 and other products, does not indicate what web site originated an input prompt, which allows remote attackers to conduct spoofing attacks via a crafted site.
CVE-2015-3728 1 Apple 1 Iphone Os 2024-11-21 4.8 MEDIUM N/A
The WiFi Connectivity feature in Apple iOS before 8.4 allows remote Wi-Fi access points to trigger an automatic association, with an arbitrary security type, by operating with a recognized ESSID within an 802.11 network's coverage area.
CVE-2015-3722 1 Apple 1 Iphone Os 2024-11-21 4.3 MEDIUM N/A
Application Store in Apple iOS before 8.4 does not ensure the uniqueness of bundle IDs, which allows attackers to cause a denial of service (ID collision and launch outage) via a crafted universal provisioning profile app.
CVE-2015-3715 1 Apple 1 Mac Os X 2024-11-21 6.8 MEDIUM N/A
The code-signing implementation in Apple OS X before 10.10.4 does not properly consider libraries that are external to an application bundle, which allows attackers to bypass intended launch restrictions via a crafted library.
CVE-2015-3714 1 Apple 1 Mac Os X 2024-11-21 5.0 MEDIUM N/A
Apple OS X before 10.10.4 does not properly consider custom resource rules during app signature verification, which allows attackers to bypass intended launch restrictions via a modified app.
CVE-2015-3710 1 Apple 2 Iphone Os, Mac Os X 2024-11-21 4.3 MEDIUM N/A
Mail in Apple iOS before 8.4 and OS X before 10.10.4 allows remote attackers to trigger a refresh operation, and consequently cause a visit to an arbitrary web site, via a crafted HTML e-mail message.
CVE-2015-3693 1 Apple 1 Mac Os X 2024-11-21 9.3 HIGH N/A
Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.
CVE-2015-3658 1 Apple 3 Iphone Os, Mac Os X, Safari 2024-11-21 6.8 MEDIUM N/A
The Page Loading functionality in WebKit in Apple Safari before 6.2.7, 7.x before 7.1.7, and 8.x before 8.0.7, as used in Apple iOS before 8.4 and other products, does not properly consider redirects during decisions about sending an Origin header, which makes it easier for remote attackers to bypass CSRF protection mechanisms via a crafted web site.
CVE-2015-3449 1 Sap 1 Afaria 2024-11-21 7.2 HIGH N/A
The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions (Everyone: read and Everyone: write) for the install folder, which allows local users to gain privileges via a Trojan horse XeService.exe file.