CVEs from 2015
Total
7,317
critical
critical 1,306
high
high 1,666
medium
medium 3,617
low
low 554
% Critical
17.8%
% with KEV
0.6%
% with exploit
0.8%
Top vendors
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat 878
- acrobat_reader 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2015-1538 | critical | — | 10.0 | 11y ago | Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted … | |
| CVE-2015-7894 | high | 8.8 | 8.8 | 9y ago | The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process… | |
| CVE-2015-6639 | high | 7.8 | 7.8 | 11y ago | The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka i… | |
| CVE-2015-7897 | high | — | 7.5 | 11y ago | The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial o… | |
| CVE-2015-7891 | high | 7.0 | 7.0 | 9y ago | Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging def… | |
| CVE-2015-4000 | low | 3.7 | 4.7 | 11y ago | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to c… | |
| CVE-2015-5317 | unknown | — | 1.5 | 4y ago | Jenkins discloses project names via fingerprints |