CVE-2015-5432
https://notcve.org/view.php?id=CVE-2015-5432
HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote attackers to obtain sensitive information or modify data via unspecified vectors. Vulnerabilidad en HP Virtual Connect Enterprise Manager (VCEM) SDK en versiones anteriores a 7.5.0, tal como se utiliza en HP Matrix Operating Environment en versiones anteriores a 7.5.0 y otros productos, permite a atacantes remotos obtener información sensible o modificar datos a través de vectores no especificados. • https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774021 •
CVE-2015-5433
https://notcve.org/view.php?id=CVE-2015-5433
HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Environment before 7.5.0 and other products, allows remote authenticated users to obtain sensitive information via unspecified vectors. Vulnerabilidad en HP Virtual Connect Enterprise Manager (VCEM) SDK en versiones anteriores a 7.5.0, tal como se utiliza en HP Matrix Operating Environment en versiones anteriores a 7.5.0 y otros productos, permite a usuarios remotos autenticados obtener información sensible a través de vectores no especificados. • https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774019 https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04774021 •
CVE-2015-3113 – Adobe Flash Player Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2015-3113
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in June 2015. Desbordamiento de buffer basado en memoria dinámica en Adobe Flash Player anterior a 13.0.0.296 y 14.x hasta 18.x anterior a 18.0.0.194 en Windows y OS X y anterior a 11.2.202.468 en Linux permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados, tal y como fue utilizado activamente en junio del 2015. Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code. • https://www.exploit-db.com/exploits/37536 http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00025.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00002.html http://marc.info/?l=bugtraq&m=144050155601375&w=2 http://rhn.redhat.com/errata/RHSA-2015-1184.html http://www.securityfocus.com/bid/75371 http://www.securitytracker.com/id/1032696 https://bugzilla.redhat.com/show_bug. • CWE-787: Out-of-bounds Write •
CVE-2010-3986
https://notcve.org/view.php?id=CVE-2010-3986
Unspecified vulnerability in HP Virtual Connect Enterprise Manager (VCEM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors. Vulnerabilidad no especificada en HP Virtual Connect Enterprise Manager (VCEM) v6.0 y v6.1 permite a atacantes remotos leer archivos de su elección a través de vectores desconocidos. • http://marc.info/?l=bugtraq&m=128776031714107&w=2 http://secunia.com/advisories/41926 http://www.securitytracker.com/id?1024631 http://www.vupen.com/english/advisories/2010/2759 •
CVE-2010-1969
https://notcve.org/view.php?id=CVE-2010-1969
Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en HP Virtual Connect Enterprise Manager para Windows anterior a v6.1, permite a atacantes remotos inyectar código web o HTML de su elección a través de vectores desconocidos • http://secunia.com/advisories/40552 http://www.securitytracker.com/id?1024181 http://www.vupen.com/english/advisories/2010/1797 http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02283465&admit=109447626+1279054975923+28353475 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •