CVEs from 2015

7,323 normalized CVEs published or assigned in this year.

Total

7,323

critical

critical 1,306

high

high 1,666

medium

medium 3,617

low

low 554

% Critical

17.8%

% with KEV

0.6%

% with exploit

0.8%

Top vendors

adobe 6,231
ibm 5,366
mozilla 5,348
oracle 1,591
php 1,526
microsoft 1,380
cisco 1,374
f5 1,115

Top products

firefox 4,609
flash_player 3,392
php 1,526
moodle 1,087
acrobat 878
acrobat_reader 878
safari 736
internet_explorer 712

Top packages

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2015-7896	medium	6.5	6.5	9y ago	LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.
CVE-2015-1830	medium	—	6.0	11y ago	Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ
CVE-2015-7889	medium	5.5	5.5	9y ago	The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service a…
CVE-2015-7898	medium	5.5	5.5	9y ago	Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).
CVE-2015-7895	medium	5.5	5.5	9y ago	Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash).