CVEs from 2015
Total
7,313
critical
critical 1,306
high
high 1,666
medium
medium 3,617
low
low 554
% Critical
17.9%
% with KEV
0.6%
% with exploit
0.8%
Top vendors
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat 878
- acrobat_reader 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2015-9025 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE application. | |
| CVE-2015-9023 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. | |
| CVE-2015-9020 | high | 7.8 | 7.8 | 9y ago | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerability exists in the unlocking of memory. | |
| CVE-2015-4596 | high | 7.8 | 7.8 | 9y ago | Lenovo Mouse Suite before 6.73 allows local users to run arbitrary code with administrator privileges. | |
| CVE-2015-6240 | high | 7.8 | 7.8 | 9y ago | The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack. | |
| CVE-2015-7724 | high | 7.8 | 7.8 | 9y ago | AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. NOTE: This vulnerability exists due to an incomplete fix for CVE-2015-7723. | |
| CVE-2015-7723 | high | 7.8 | 7.8 | 9y ago | AMD fglrx-driver before 15.7 allows local users to gain privileges via a symlink attack. | |
| CVE-2015-9007 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. | |
| CVE-2015-9006 | high | 7.8 | 7.8 | 9y ago | In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. | |
| CVE-2015-9005 | high | 7.8 | 7.8 | 9y ago | In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | |
| CVE-2015-6531 | high | 7.8 | 7.8 | 9y ago | Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file. | |
| CVE-2015-8089 | high | 7.8 | 7.8 | 9y ago | The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memo… | |
| CVE-2015-9003 | high | 7.8 | 7.8 | 9y ago | In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel. | |
| CVE-2015-9002 | high | 7.8 | 7.8 | 9y ago | In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |
| CVE-2015-9000 | high | 7.8 | 7.8 | 9y ago | In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel. | |
| CVE-2015-8999 | high | 7.8 | 7.8 | 9y ago | In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file. | |
| CVE-2015-8998 | high | 7.8 | 7.8 | 9y ago | In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | |
| CVE-2015-8995 | high | 7.8 | 7.8 | 9y ago | In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel. | |
| CVE-2015-9004 | high | 7.8 | 7.8 | 9y ago | kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_even… | |
| CVE-2015-8110 | high | 7.8 | 7.8 | 9y ago | Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0019 allows local users to gain privileges by navigating to (1) "Click here to learn more" or (2) "View privacy policy" within t… | |
| CVE-2015-8107 | high | 7.8 | 7.8 | 9y ago | Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code. | |
| CVE-2015-7270 | high | 7.8 | 7.8 | 9y ago | Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | |
| CVE-2015-7260 | high | 7.8 | 7.8 | 9y ago | Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file. | |
| CVE-2015-8026 | high | 7.8 | 7.8 | 9y ago | Heap-based buffer overflow in the verify_vbr_checksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service (infinite loop) or possibly execute arbitr… | |
| CVE-2015-8971 | high | 7.8 | 7.8 | 10y ago | Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that modify the window title and then are written to the terminal, a similar issue to CVE-2003-0063. | |
| CVE-2015-0854 | high | 7.8 | 7.8 | 10y ago | App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action. | |
| CVE-2015-8967 | high | 7.8 | 7.8 | 10y ago | arch/arm64/kernel/sys.c in the Linux kernel before 4.0 allows local users to bypass the "strict page permissions" protection mechanism and modify the system-call table, and consequently gain privileg… | |
| CVE-2015-8966 | high | 7.8 | 7.8 | 10y ago | arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 4.4 allows local users to gain privileges via a crafted (1) F_OFD_GETLK, (2) F_OFD_SETLK, or (3) F_OFD_SETLKW command in an fcntl64 system… | |
| CVE-2015-1328 | high | 7.8 | 7.8 | 10y ago | The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem director… | |
| CVE-2015-8961 | high | 7.8 | 7.8 | 10y ago | The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper acc… | |
| CVE-2015-3288 | high | 7.8 | 7.8 | 10y ago | mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that trigge… | |
| CVE-2015-8951 | high | 7.8 | 7.8 | 10y ago | Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attack… | |
| CVE-2015-1000013 | high | 7.8 | 7.8 | 10y ago | Remote file upload vulnerability in wordpress plugin csv2wpec-coupon v1.1 | |
| CVE-2015-8931 | high | 7.8 | 7.8 | 10y ago | Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impa… | |
| CVE-2015-6396 | high | 7.8 | 7.8 | 10y ago | The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arbitrary shell commands as an administrator via crafted parameters, aka Bug IDs CSCuv90134, CSCux5816… | |
| CVE-2015-0568 | high | 7.8 | 7.8 | 10y ago | Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Andro… | |
| CVE-2015-8943 | high | 7.8 | 7.8 | 10y ago | drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, whic… | |
| CVE-2015-8942 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain … | |
| CVE-2015-8941 | high | 7.8 | 7.8 | 10y ago | drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices does not properly validate array indexes, which all… | |
| CVE-2015-8940 | high | 7.8 | 7.8 | 10y ago | Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka Android… | |
| CVE-2015-8939 | high | 7.8 | 7.8 | 10y ago | drivers/video/msm/mdp4_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate r stages, g stages, or b stages data, which allows attackers to gain … | |
| CVE-2015-8938 | high | 7.8 | 7.8 | 10y ago | The MSM camera driver in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate input parameters, which allows attackers to gain privileges via a crafted applicatio… | |
| CVE-2015-8937 | high | 7.8 | 7.8 | 10y ago | drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 6, and 7 (2013) devices mishandles a socket process, which allows attackers to gain privileges vi… | |
| CVE-2015-8892 | high | 7.8 | 7.8 | 10y ago | platform/msm_shared/boot_verifier.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to bypass intended access restrictions via a digest with traili… | |
| CVE-2015-8891 | high | 7.8 | 7.8 | 10y ago | Multiple integer overflows in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to bypass intended access restrictions via a cr… | |
| CVE-2015-8890 | high | 7.8 | 7.8 | 10y ago | platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows … | |
| CVE-2015-8889 | high | 7.8 | 7.8 | 10y ago | The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices omits the recovery PIN feature, which has unspecified impact and attack vectors, aka Android inter… | |
| CVE-2015-8888 | high | 7.8 | 7.8 | 10y ago | Integer overflow in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to bypass intended access restrictions via a crafted block count and … | |
| CVE-2015-5723 | high | 7.8 | 7.8 | 10y ago | Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB… | |
| CVE-2015-5260 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host v… | |
| CVE-2015-5228 | high | 7.8 | 7.8 | 10y ago | The service daemon in CRIU creates log and dump files insecurely, which allows local users to create arbitrary files and take ownership of existing files via unspecified vectors related to a director… | |
| CVE-2015-8875 | high | 7.8 | 7.8 | 10y ago | Multiple integer overflows in the (1) pixops_composite_nearest, (2) pixops_composite_color_nearest, and (3) pixops_process functions in pixops/pixops.c in gdk-pixbuf before 2.33.1 allow remote attack… | |
| CVE-2015-8156 | high | 7.8 | 7.8 | 10y ago | Unquoted Windows search path vulnerability in EEDService in Symantec Endpoint Encryption (SEE) 11.x before 11.1.1 allows local users to gain privileges via a Trojan horse executable file in the %SYST… | |
| CVE-2015-8312 | high | 7.8 | 7.8 | 10y ago | Off-by-one error in afs_pioctl.c in OpenAFS before 1.6.16 might allow local users to cause a denial of service (memory overwrite and system crash) via a pioctl with an input buffer size of 4096 bytes. | |
| CVE-2015-0571 | high | 7.8 | 7.8 | 10y ago | The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for … | |
| CVE-2015-0570 | high | 7.8 | 7.8 | 10y ago | Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) … | |
| CVE-2015-0569 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation C… | |
| CVE-2015-8868 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or poss… | |
| CVE-2015-8830 | high | 7.8 | 7.8 | 10y ago | Integer overflow in the aio_setup_single_vector function in fs/aio.c in the Linux kernel 4.0 allows local users to cause a denial of service or possibly have unspecified other impact via a large AIO … | |
| CVE-2015-8019 | high | 7.8 | 7.8 | 10y ago | The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (… | |
| CVE-2015-2686 | high | 7.8 | 7.8 | 10y ago | net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subs… | |
| CVE-2015-8325 | high | 7.8 | 7.8 | 10y ago | The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows loc… | |
| CVE-2015-7378 | high | 7.8 | 7.8 | 10y ago | Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda… | |
| CVE-2015-8106 | high | 7.8 | 7.8 | 10y ago | Format string vulnerability in the CmdKeywords function in funct1.c in latex2rtf before 2.3.10 allows remote attackers to execute arbitrary code via format string specifiers in the \keywords command … | |
| CVE-2015-7552 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the gdk_pixbuf_flip function in gdk-pixbuf-scale.c in gdk-pixbuf 2.30.x allows remote attackers to cause a denial of service or possibly execute arbitrary code via a cra… | |
| CVE-2015-8620 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the Avast virtualization driver (aswSnx.sys) in Avast Internet Security, Pro Antivirus, Premier, and Free Antivirus before 11.1.2253 allows local users to gain privilege… | |
| CVE-2015-8304 | high | 7.8 | 7.8 | 10y ago | Integer overflow in Huawei P7 phones with software before P7-L07 V100R001C01B606 allows remote attackers to gain privileges via a crafted application with the system or camera permission. | |
| CVE-2015-5349 | high | 7.8 | 7.8 | 10y ago | Apache Directory Studio Command Injection | |
| CVE-2015-8681 | high | 7.8 | 7.8 | 10y ago | The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL1… | |
| CVE-2015-8680 | high | 7.8 | 7.8 | 10y ago | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-… | |
| CVE-2015-8319 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before… | |
| CVE-2015-8318 | high | 7.8 | 7.8 | 10y ago | Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before… | |
| CVE-2015-8307 | high | 7.8 | 7.8 | 10y ago | The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-… | |
| CVE-2015-8150 | high | 7.8 | 7.8 | 10y ago | Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file. | |
| CVE-2015-8539 | high | 7.8 | 7.8 | 10y ago | The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (BUG) via crafted keyctl commands that negatively instantiate a key, related to se… | |
| CVE-2015-8306 | high | 7.8 | 7.8 | 11y ago | Buffer overflow in the HIFI driver in Huawei P8 phones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230… | |
| CVE-2015-8088 | high | 7.8 | 7.8 | 11y ago | Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 bef… | |
| CVE-2015-6980 | high | 7.8 | 7.8 | 11y ago | Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which allows local users to gain privileges via unspecified vectors. | |
| CVE-2015-7362 | high | 7.8 | 7.8 | 11y ago | Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc set… | |
| CVE-2015-6856 | high | 7.8 | 7.8 | 11y ago | Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call. | |
| CVE-2015-6647 | high | 7.8 | 7.8 | 11y ago | The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka i… | |
| CVE-2015-6640 | high | 7.8 | 7.8 | 11y ago | The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows at… | |
| CVE-2015-6639 | high | 7.8 | 7.8 | 11y ago | The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka i… | |
| CVE-2015-6638 | high | 7.8 | 7.8 | 11y ago | The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908. | |
| CVE-2015-6637 | high | 7.8 | 7.8 | 11y ago | The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013. | |
| CVE-2015-6859 | high | 7.8 | 7.8 | 11y ago | HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2015-6860. | |
| CVE-2015-7489 | high | 7.8 | 7.8 | 11y ago | IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script. | |
| CVE-2015-8341 | high | — | 7.8 | 11y ago | The libxl toolstack library in Xen 4.1.x through 4.6.x does not properly release mappings of files used as kernels and initial ramdisks when managing multiple domains in the same process, which allow… | |
| CVE-2015-7068 | high | 7.8 | 7.8 | 11y ago | IOKit SCSI in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL … | |
| CVE-2015-6849 | high | — | 7.8 | 11y ago | EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 allows remote attackers to cause a denial of service (process outage) via malformed RPC authenticati… | |
| CVE-2015-6391 | high | — | 7.8 | 11y ago | Cisco Unified SIP 3905 phones allow remote attackers to cause a denial of service (resource consumption and functionality loss) via a large amount of network traffic, aka Bug ID CSCuh51331. | |
| CVE-2015-8330 | high | — | 7.8 | 11y ago | The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619. | |
| CVE-2015-6377 | high | — | 7.8 | 11y ago | Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka Bu… | |
| CVE-2015-8083 | high | — | 7.8 | 11y ago | An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified gateways with software before V200R003C00SPC300 does not properly initialize memory when processing timeout… | |
| CVE-2015-7910 | high | — | 7.8 | 11y ago | Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is unauthorized, which allows remote attackers to bypass intended access restrictions by disregarding this head… | |
| CVE-2015-7419 | high | — | 7.8 | 11y ago | IBM WebSphere Portal 8.0.0.1 before CF19 and 8.5.0 before CF09 allows remote attackers to cause a denial of service (memory consumption) via crafted requests. | |
| CVE-2015-6367 | high | — | 7.8 | 11y ago | Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of service (CPU consumption) by improperly establishing many SSHv2 connections, aka Bug ID CSCux13374. | |
| CVE-2015-7662 | high | — | 7.8 | 11y ago | Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK &… | |
| CVE-2015-6292 | high | — | 7.8 | 11y ago | The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2-004, 8.6.x and 8.7.x before 8.7.0-171-LD, and 8.8.x before 8.8.0-085 on Web Security Appliance (WS… | |
| CVE-2015-6321 | high | — | 7.8 | 11y ago | Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-042 on Email Security Appliance (ESA) devices; before 9.1.0-032, 9.1.1 before 9.1.1-005,… |