CVEs from 2015
Total
7,313
critical
critical 1,306
high
high 1,666
medium
medium 3,617
low
low 554
% Critical
17.9%
% with KEV
0.6%
% with exploit
0.8%
Top vendors
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat_reader 878
- acrobat 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2015-1538 | critical | — | 10.0 | 11y ago | Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code via crafted … | |
| CVE-2015-7896 | medium | 6.5 | 6.5 | 9y ago | LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | |
| CVE-2015-1830 | medium | — | 6.0 | 11y ago | Improper Limitation of a Pathname to a Restricted Directory in Apache ActiveMQ | |
| CVE-2015-7889 | medium | 5.5 | 5.5 | 9y ago | The SecEmailComposer/EmailComposer application in the Samsung S6 Edge before the October 2015 MR uses weak permissions for the com.samsung.android.email.intent.action.QUICK_REPLY_BACKGROUND service a… | |
| CVE-2015-7898 | medium | 5.5 | 5.5 | 9y ago | Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |
| CVE-2015-7895 | medium | 5.5 | 5.5 | 9y ago | Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |
| CVE-2015-1427 | unknown | — | 1.5 | 4y ago | Improper Access Control in Elasticsearch | |
| CVE-2015-5317 | unknown | — | 1.5 | 4y ago | Jenkins discloses project names via fingerprints |