CVEs from 2015
Total
7,266
critical
critical 1,306
high
high 1,666
medium
medium 3,617
low
low 554
% Critical
18.0%
% with KEV
0.6%
% with exploit
10.1%
Top vendors
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat 878
- acrobat_reader 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-5790 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we… | |||
| CVE-2015-5789 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted we… | |||
| CVE-2015-6966 | medium | — | 6.8 | 11y ago | Multiple cross-site request forgery (CSRF) vulnerabilities in Nibbleblog before 4.0.5 allow remote attackers to hijack the authentication of administrators for requests that (1) create a post via a n… | |||
| CVE-2015-6828 | medium | — | 6.8 | 11y ago | The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and earlier for WordPress does not use an HTTPS session for downloading serialized data, which allows man… | |||
| CVE-2015-6948 | medium | — | 6.8 | 11y ago | Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document. | |||
| CVE-2015-5629 | medium | — | 6.8 | 11y ago | The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and 1.0.2 and earlier for iOS allows attackers to bypass a URL whitelist protection mechanism and obtai… | |||
| CVE-2015-6465 | medium | — | 6.8 | 11y ago | The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote authenticated users to cause a denial of service (reboot) via a crafted URL. | |||
| CVE-2015-5631 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in the Remote UI on Canon PIXMA MG7500 printers allows remote attackers to hijack the authentication of administrators. | |||
| CVE-2015-5624 | medium | — | 6.8 | 11y ago | Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allows remote attackers to execute arbitrary code via a crafted HTML document, related to the discontin… | |||
| CVE-2015-2991 | medium | — | 6.8 | 11y ago | Buffer overflow in NScripter before 3.00 allows remote attackers to execute arbitrary code via crafted save data. | |||
| CVE-2015-6582 | medium | — | 6.8 | 11y ago | The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google Chrome before 45.0.2454.85, does not verify that a matrix inversion succeeded, which allows remote a… | |||
| CVE-2015-5411 | medium | — | 6.8 | 11y ago | HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors. | |||
| CVE-2015-5949 | medium | — | 6.8 | 11y ago | VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted 3GP file, which triggers the freeing of arbitrary pointe… | |||
| CVE-2015-6262 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2(0.103) and 2.0(0.0) allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCum49054 a… | |||
| CVE-2015-5786 | medium | — | 6.8 | 11y ago | Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability tha… | |||
| CVE-2015-5785 | medium | — | 6.8 | 11y ago | Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulnerability tha… | |||
| CVE-2015-6664 | medium | — | 6.8 | 11y ago | XML external entity (XXE) vulnerability in the application import functionality in SAP Mobile Platform 2.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact v… | |||
| CVE-2015-6662 | medium | — | 6.8 | 11y ago | XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security N… | |||
| CVE-2015-6660 | medium | — | 6.8 | 11y ago | The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token, which allows remote attackers to conduct CSRF attacks that upload files in a different user's acc… | |||
| CVE-2015-2905 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability on Actiontec GT784WN modems with firmware before NCS01-1.0.13 allows remote attackers to hijack the authentication or intranet connectivity of arbitrar… | |||
| CVE-2015-2983 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in admin.php in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote attackers to hijack the authentica… | |||
| CVE-2015-4530 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebTop before 6.8P01, Documentum Administrator through 7.2, Documentum Digital Assets Manager through 6.5SP6, Documentum Web Publishe… | |||
| CVE-2015-0542 | medium | — | 6.8 | 11y ago | Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 allow remote attackers to hijack the authentication of arbitrary users. | |||
| CVE-2015-6523 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in the Portfolio plugin before 1.05 for WordPress allows remote attackers to hijack the authentication of administrators for requests that have unspeci… | |||
| CVE-2015-4308 | medium | — | 6.8 | 11y ago | The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devices allows remote authenticated users to obtain sensitive information via unspecified vectors, aka … | |||
| CVE-2015-4301 | medium | — | 6.8 | 11y ago | Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of service (device hang) via large files that are copied to a device's filesystem, aka Bug ID CSCuu77225. | |||
| CVE-2015-5505 | medium | — | 6.8 | 11y ago | The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 for Drupal does not properly implement the "include subdomains" directive, which causes the HSTS pol… | |||
| CVE-2015-5778 | medium | — | 6.8 | 11y ago | CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra… | |||
| CVE-2015-5777 | medium | — | 6.8 | 11y ago | CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a cra… | |||
| CVE-2015-5773 | medium | — | 6.8 | 11y ago | QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted offi… | |||
| CVE-2015-5772 | medium | — | 6.8 | 11y ago | Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code via a crafted Collada file. | |||
| CVE-2015-5771 | medium | — | 6.8 | 11y ago | Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted QuickTime… | |||
| CVE-2015-5761 | medium | — | 6.8 | 11y ago | CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font … | |||
| CVE-2015-5758 | medium | — | 6.8 | 11y ago | ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF i… | |||
| CVE-2015-5756 | medium | — | 6.8 | 11y ago | FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted fon… | |||
| CVE-2015-5755 | medium | — | 6.8 | 11y ago | CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font … | |||
| CVE-2015-5753 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-5751 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3794 | medium | — | 6.8 | 11y ago | The Speech UI in Apple OS X before 10.10.5, when speech alerts are enabled, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) vi… | |||
| CVE-2015-3792 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3791 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3790 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3789 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3788 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3779 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3765 | medium | — | 6.8 | 11y ago | QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted file, a different vulne… | |||
| CVE-2015-3749 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3748 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3747 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3746 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3745 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3744 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3743 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3742 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3741 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3740 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3739 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3738 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3737 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3736 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3735 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3734 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3733 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3732 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3731 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-3730 | medium | — | 6.8 | 11y ago | WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corru… | |||
| CVE-2015-4491 | medium | — | 6.8 | 11y ago | Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on L… | |||
| CVE-2015-3283 | medium | — | 6.8 | 11y ago | OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors. | |||
| CVE-2015-5522 | medium | — | 6.8 | 11y ago | Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors involving a command character in an hre… | |||
| CVE-2015-3228 | medium | — | 6.8 | 11y ago | Integer overflow in the gs_heap_alloc_bytes function in base/gsmalloc.c in Ghostscript 9.15 and earlier allows remote attackers to cause a denial of service (crash) via a crafted Postscript (ps) file… | |||
| CVE-2015-2980 | medium | — | 6.8 | 11y ago | The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute arbitrary Java methods, and consequently obtain sensitive information or execute OS commands, via a crafte… | |||
| CVE-2015-1872 | medium | — | 6.8 | 11y ago | The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in FFmpeg before 2.5.4 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause… | |||
| CVE-2015-2848 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in Honeywell Tuxedo Touch before 5.2.19.0_VA allows remote attackers to hijack the authentication of arbitrary users for requests associated with home-… | |||
| CVE-2015-1288 | medium | — | 6.8 | 11y ago | The Spellcheck API implementation in Google Chrome before 44.0.2403.89 does not use an HTTPS session for downloading a Hunspell dictionary, which allows man-in-the-middle attackers to deliver incorre… | |||
| CVE-2015-1283 | medium | — | 6.8 | 11y ago | Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (… | |||
| CVE-2015-1282 | medium | — | 6.8 | 11y ago | Multiple use-after-free vulnerabilities in fpdfsdk/src/javascript/Document.cpp in PDFium, as used in Google Chrome before 44.0.2403.89, allow remote attackers to cause a denial of service or possibly… | |||
| CVE-2015-1274 | medium | — | 6.8 | 11y ago | Google Chrome before 44.0.2403.89 does not ensure that the auto-open list omits all dangerous file types, which makes it easier for remote attackers to execute arbitrary code by providing a crafted f… | |||
| CVE-2015-1273 | medium | — | 6.8 | 11y ago | Heap-based buffer overflow in j2k.c in OpenJPEG before r3002, as used in PDFium in Google Chrome before 44.0.2403.89, allows remote attackers to cause a denial of service or possibly have unspecified… | |||
| CVE-2015-1271 | medium | — | 6.8 | 11y ago | PDFium, as used in Google Chrome before 44.0.2403.89, does not properly handle certain out-of-memory conditions, which allows remote attackers to cause a denial of service (heap-based buffer overflow… | |||
| CVE-2015-1270 | medium | — | 6.8 | 11y ago | The ucnv_io_getConverterName function in common/ucnv_io.cpp in International Components for Unicode (ICU), as used in Google Chrome before 44.0.2403.89, mishandles converter names with initial x- sub… | |||
| CVE-2015-4281 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCus56150 and CSCus56146. | |||
| CVE-2015-4111 | medium | — | 6.8 | 11y ago | mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with installer before 1.1.0.22 allows remote attackers to execute arbitrary code via a crafted MP4 file. | |||
| CVE-2015-0157 | medium | — | 6.8 | 11y ago | IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by leveragin… | |||
| CVE-2015-0795 | medium | — | 6.8 | 11y ago | Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExec.1 ActiveX control in NetIQExec.dll in NetIQ Security Solutions for iSeries 8.1 allow remote attac… | |||
| CVE-2015-4274 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence Center 10.0(1) and 10.6(1) allows remote attackers to hijack the authentication of arbitrary users, … | |||
| CVE-2015-3259 | medium | — | 6.8 | 11y ago | Stack-based buffer overflow in the xl command line utility in Xen 4.1.x through 4.5.x allows local guest administrators to gain privileges via a long configuration argument. | |||
| CVE-2015-4759 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-4758 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-4747 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7 and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via… | |||
| CVE-2015-2635 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-2634 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-0446 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-0445 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-0444 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-0443 | medium | — | 6.8 | 11y ago | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vec… | |||
| CVE-2015-4267 | medium | — | 6.8 | 11y ago | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engine (ISE) 1.2(0.793), 1.3(0.876), 1.4(0.109), 2.0(0.147), and 2.0(0.169) allows remote attackers to … | |||
| CVE-2015-5113 | medium | — | 6.8 | 11y ago | Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Co… | |||
| CVE-2015-5111 | medium | — | 6.8 | 11y ago | Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Co… | |||
| CVE-2015-5110 | medium | — | 6.8 | 11y ago | Stack-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Con… | |||
| CVE-2015-5109 | medium | — | 6.8 | 11y ago | Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous bef… |