CVEs from 2015
Total
7,313
critical
critical 1,306
high
high 1,666
medium
medium 3,617
low
low 554
% Critical
17.9%
% with KEV
0.6%
% with exploit
0.8%
Top vendors
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat 878
- acrobat_reader 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2015-1538 | critical | — | 10.0 | 11y ago | Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted … | |
| CVE-2015-7894 | high | 8.8 | 8.8 | 9y ago | The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process… | |
| CVE-2015-6639 | high | 7.8 | 7.8 | 11y ago | The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka i… | |
| CVE-2015-7897 | high | — | 7.5 | 11y ago | The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial o… | |
| CVE-2015-7891 | high | 7.0 | 7.0 | 9y ago | Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging def… | |
| CVE-2015-7896 | medium | 6.5 | 6.5 | 9y ago | LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | |
| CVE-2015-1830 | medium | — | 6.0 | 11y ago | Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ | |
| CVE-2015-7889 | medium | 5.5 | 5.5 | 9y ago | The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service a… | |
| CVE-2015-7898 | medium | 5.5 | 5.5 | 9y ago | Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |
| CVE-2015-7895 | medium | 5.5 | 5.5 | 9y ago | Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |
| CVE-2015-4000 | low | 3.7 | 4.7 | 11y ago | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to c… |