CVEs from 2015
Total
7,267
critical
critical 1,306
high
high 1,666
medium
medium 3,617
low
low 554
% Critical
18.0%
% with KEV
0.6%
% with exploit
2.2%
Top vendors
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat 878
- acrobat_reader 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-9016 | unknown | — | — | — | In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead… | |||
| CVE-2015-20001 | unknown | — | — | — | In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range … | |||
| CVE-2015-5230 | unknown | — | — | — | The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets. | |||
| CVE-2015-8031 | unknown | — | — | 4y ago | Hudson XML API susceptible to External Entity Injection Vunerability prior to v3.3.2 | |||
| CVE-2015-5298 | unknown | — | — | 4y ago | Jenkins Google Login Plugin 1.0 and 1.1 allows anonymous users to authenticate through client-side request modification | |||
| CVE-2015-9543 | unknown | — | — | 4y ago | An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs … | |||
| CVE-2015-1811 | unknown | — | — | 4y ago | XML external entity (XXE) vulnerability in Jenkins | |||
| CVE-2015-1809 | unknown | — | — | 4y ago | XML external entity (XXE) vulnerability in Jenkins | |||
| CVE-2015-6420 | unknown | — | — | 6y ago | Insecure Deserialization in Apache Commons Collection | |||
| CVE-2015-7559 | unknown | — | — | 7y ago | Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ |