CVEs from 2015

Total: 7,261
- critical: 1,307
- high: 1,666
- medium: 3,616
- low: 554

% Critical: 18.0%
% with KEV: 0.6%
% with exploit: 10.1%
Top products
- firefox 4,609
- flash_player 3,392
- php 1,526
- moodle 1,087
- acrobat 878
- acrobat_reader 878
- safari 736
- internet_explorer 712
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7400 | high | 7.7 | 7.7 | | | | 11y ago | The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an… |
| CVE-2015-3977 | high | — | 7.7 | | | | 11y ago | Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART Protocol allows remote authenticated users to execute arbitrary code or cause a denial of service (memory c… |
| CVE-2015-8947 | high | 7.6 | 7.6 | | | | 10y ago | hb-ot-layout-gpos-table.hh in HarfBuzz before 1.0.5 allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted data, a different vul… |
| CVE-2015-8799 | high | 7.6 | 7.6 | | | | 10y ago | Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for … |
| CVE-2015-5343 | high | 7.6 | 7.6 | | | | 10y ago | Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x before 1.9.3 allows remote authenticated users to cause a denial of service (subversion server cra… |
| CVE-2015-7044 | high | — | 7.6 | | | | 11y ago | The System Integrity Protection feature in Apple OS X before 10.11.2 mishandles union mounts, which allows attackers to execute arbitrary code in a privileged context via a crafted app with root priv… |
| CVE-2015-7016 | high | — | 7.6 | | | | 11y ago | The MCX Application Restrictions component in Apple OS X before 10.11.1, when Managed Configuration is enabled, mishandles provisioning profiles, which allows attackers to bypass intended entitlement… |
| CVE-2015-4868 | high | — | 7.6 | | | | 11y ago | Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. |
| CVE-2015-4748 | high | — | 7.6 | | | | 11y ago | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availa… |
| CVE-2015-0458 | high | — | 7.6 | | | | 11y ago | Unspecified vulnerability in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. |
| CVE-2015-2775 | high | — | 7.6 | | | | 11y ago | Directory traversal vulnerability in GNU Mailman before 2.1.20, when not using a static alias, allows remote attackers to execute arbitrary files via a .. (dot dot) in a list name. |
| CVE-2015-3220 | high | 7.5 | 7.5 | | | | 4y ago | The tlslite library before 0.4.9 for Python allows remote attackers to trigger a denial of service (runtime exception and process crash). |
| CVE-2015-8008 | high | 7.5 | 7.5 | | | | 9y ago | The OAuth extension for MediaWiki improperly negotiates a new client token only over Special:OAuth/initiate, which allows attackers to bypass intended IP address access restrictions by making an API … |
| CVE-2015-0226 | high | 7.5 | 7.5 | | | | 9y ago | Use of a Broken or Risky Cryptographic Algorithm in Apache WSS4J |
| CVE-2015-0224 | high | 7.5 | 7.5 | | | | 9y ago | qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon crash) via a crafted protocol sequence set. NOTE: this vulnerability exists because of an incomplet… |
| CVE-2015-5177 | high | 7.5 | 7.5 | | | | 9y ago | Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (crash) via a crafted package. |
| CVE-2015-6668 | high | 7.5 | 7.5 | | | | 9y ago | The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute force attack to the WordPress upload directory structure, related to an insecure direct object refe… |
| CVE-2015-4421 | high | 7.5 | 7.5 | | | | 9y ago | The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows local users to gain privileges or cause a denial of service (memory corruption) via an unspecified i… |
| CVE-2015-2156 | high | 7.5 | 7.5 | | | | 9y ago | Information Exposure in Netty |
| CVE-2015-7503 | high | 7.5 | 7.5 | | | | 9y ago | Zend Framework Information Disclosure |
| CVE-2015-7384 | high | 7.5 | 7.5 | | | | 9y ago | Node.js 4.0.0, 4.1.0, and 4.1.1 allows remote attackers to cause a denial of service. |
| CVE-2015-1429 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in Cybele Software Thinfinity Remote Desktop Workstation 3.0.0.3 32-bit and 64-bit allows remote attackers to download arbitrary files via a .. (dot dot) in an unspe… |
| CVE-2015-2297 | high | 7.5 | 7.5 | | | | 9y ago | nanohttp in libcsoap allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Authorization header. |
| CVE-2015-3138 | high | 7.5 | 7.5 | | | | 9y ago | print-wb.c in tcpdump before 4.7.4 allows remote attackers to cause a denial of service (segmentation fault and process crash). |
| CVE-2015-5184 | high | 7.5 | 7.5 | | | | 9y ago | Console: CORS headers set to allow all in Red Hat AMQ. |
| CVE-2015-5183 | high | 7.5 | 7.5 | | | | 9y ago | Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ. |
| CVE-2015-7318 | high | 7.5 | 7.5 | | | | 9y ago | Plone 3.3.0 through 3.3.6 allows remote attackers to inject headers into HTTP responses. |
| CVE-2015-8559 | high | 7.5 | 7.5 | | | | 9y ago | The knife bootstrap command in chef Infra client before version 15.4.45 leaks the validator.pem private RSA key to /var/log/messages. |
| CVE-2015-9231 | high | 7.5 | 7.5 | | | | 9y ago | iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords by reading DNS queries. A new (default) feature was added to iTerm2 version 3.0.0 (and unreleased 2.9.x versions such as 2.9.2015… |
| CVE-2015-3890 | high | 7.5 | 7.5 | | | | 9y ago | Use-after-free vulnerability in Open Litespeed before 1.3.10. |
| CVE-2015-5179 | high | 7.5 | 7.5 | | | | 9y ago | FreeIPA might display user data improperly via vectors involving non-printable characters. |
| CVE-2015-1854 | high | 7.5 | 7.5 | | | | 9y ago | 389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and modify directory entries via a crafted ldapmodrdn call. |
| CVE-2015-0689 | high | 7.5 | 7.5 | | | | 9y ago | Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protection mechanisms by leveraging improper handling of HTTP methods, aka Bug ID CSCut69743. |
| CVE-2015-4085 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1. |
| CVE-2015-3250 | high | 7.5 | 7.5 | | | | 9y ago | Exposure of Sensitive Information to an Unauthorized Actor in Apache Directory LDAP API |
| CVE-2015-7294 | high | 7.5 | 7.5 | | | | 9y ago | LDAP Injection in ldapauth |
| CVE-2015-5705 | high | 7.5 | 7.5 | | | | 9y ago | Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arbitrary files via a crafted symlink and crafted filename. |
| CVE-2015-3454 | high | 7.5 | 7.5 | | | | 9y ago | TelescopeJS before 0.15 leaks user bcrypt password hashes in websocket messages, which might allow remote attackers to obtain password hashes via a cross-site scripting attack. |
| CVE-2015-7255 | high | 7.5 | 7.5 | | | | 9y ago | ZTE OX-330P, ZXHN H108N, W300V1.0.0S_ZRD_TR1_D68, HG110, GAN9.8T101A-B, MF28G, ZXHN H108N use non-unique X.509 certificates and SSH host keys, which might allow remote attackers to obtain credentials… |
| CVE-2015-5209 | high | 7.5 | 7.5 | | | | 9y ago | Special top object can be used to access Struts' internals |
| CVE-2015-0234 | high | 7.5 | 7.5 | | | | 9y ago | Multiple temporary file creation vulnerabilities in pki-core 10.2.0. |
| CVE-2015-1600 | high | 7.5 | 7.5 | | | | 9y ago | Information disclosure vulnerability in Netatmo Indoor Module firmware 100 and earlier. |
| CVE-2015-1554 | high | 7.5 | 7.5 | | | | 9y ago | kgb-bot 1.33-2 allows remote attackers to cause a denial of service (crash). |
| CVE-2015-1876 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in ES File Explorer 3.2.4.1. |
| CVE-2015-1386 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in unshield 1.0-1. |
| CVE-2015-1199 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in ppmd 10.1-5. |
| CVE-2015-1198 | high | 7.5 | 7.5 | | | | 9y ago | Multiple directory traversal vulnerabilities in ha 0.999p+dfsg-5. |
| CVE-2015-0928 | high | 7.5 | 7.5 | | | | 9y ago | libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference). |
| CVE-2015-4180 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of … |
| CVE-2015-4017 | high | 7.5 | 7.5 | | | | 9y ago | Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splunk modules. |
| CVE-2015-1395 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a… |
| CVE-2015-7516 | high | 7.5 | 7.5 | | | | 9y ago | ONOS before 1.5.0 when using the ifwd app allows remote attackers to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Fr… |
| CVE-2015-1800 | high | 7.5 | 7.5 | | | | 9y ago | The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to potentially obtain sensitive information. |
| CVE-2015-2675 | high | 7.5 | 7.5 | | | | 9y ago | The OAuth implementation in librest before 0.7.93 incorrectly truncates the pointer returned by the rest_proxy_call_get_url function, which allows remote attackers to cause a denial of service (appli… |
| CVE-2015-3614 | high | 7.5 | 7.5 | | | | 9y ago | Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving another unspecified vulnerability. |
| CVE-2015-1783 | high | 7.5 | 7.5 | | | | 9y ago | The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access … |
| CVE-2015-6498 | high | 7.5 | 7.5 | | | | 9y ago | Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 allows remote attackers to spoof and make calls as target devices. |
| CVE-2015-3277 | high | 7.5 | 7.5 | | | | 9y ago | The mod_nss module before 1.0.11 in Fedora allows remote attackers to obtain cipher lists due to incorrect parsing of multi-keyword cipherstring. |
| CVE-2015-2313 | high | 7.5 | 7.5 | | | | 9y ago | Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.2, when an application invokes the totalSize method on an object reader, allows remote peers to cause a denial of service (CPU consumption)… |
| CVE-2015-2312 | high | 7.5 | 7.5 | | | | 9y ago | Sandstorm Cap'n Proto before 0.4.1.1 and 0.5.x before 0.5.1.1 allows remote peers to cause a denial of service (CPU and possibly general resource consumption) via a list with a large number of elemen… |
| CVE-2015-0785 | high | 7.5 | 7.5 | | | | 9y ago | com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable. |
| CVE-2015-0784 | high | 7.5 | 7.5 | | | | 9y ago | Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable. |
| CVE-2015-7764 | high | 7.5 | 7.5 | | | | 9y ago | Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode. |
| CVE-2015-4165 | high | 7.5 | 7.5 | | | | 9y ago | Improper Access Control in Elasticsearch |
| CVE-2015-3405 | high | 7.5 | 7.5 | | | | 9y ago | ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is betwe… |
| CVE-2015-7704 | high | 7.5 | 7.5 | | | | 9y ago | The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages. |
| CVE-2015-7701 | high | 7.5 | 7.5 | | | | 9y ago | Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption). |
| CVE-2015-7692 | high | 7.5 | 7.5 | | | | 9y ago | The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomple… |
| CVE-2015-7691 | high | 7.5 | 7.5 | | | | 9y ago | The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey op… |
| CVE-2015-7875 | high | 7.5 | 7.5 | | | | 9y ago | ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content a… |
| CVE-2015-1378 | high | 7.5 | 7.5 | | | | 9y ago | cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users. |
| CVE-2015-8013 | high | 7.5 | 7.5 | | | | 9y ago | OpenPGP 1.2.0 and earlier decrypts arbitrary messages |
| CVE-2015-1417 | high | 7.5 | 7.5 | | | | 9y ago | The inet module in FreeBSD 10.2x before 10.2-PRERELEASE, 10.2-BETA2-p2, 10.2-RC1-p1, 10.1x before 10.1-RELEASE-p16, 9.x before 9.3-STABLE, 9.3-RELEASE-p21, and 8.x before 8.4-STABLE, 8.4-RELEASE-p35 … |
| CVE-2015-1847 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a .. (dot dot) in a crafted URL. |
| CVE-2015-7703 | high | 7.5 | 7.5 | | | | 9y ago | The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address th… |
| CVE-2015-5300 | high | 7.5 | 7.5 | | | | 9y ago | The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to… |
| CVE-2015-5219 | high | 7.5 | 7.5 | | | | 9y ago | The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infin… |
| CVE-2015-5195 | high | 7.5 | 7.5 | | | | 9y ago | ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled … |
| CVE-2015-5194 | high | 7.5 | 7.5 | | | | 9y ago | The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands. |
| CVE-2015-3640 | high | 7.5 | 7.5 | | | | 9y ago | phpMyBackupPro 2.5 and earlier does not properly escape the "." character in request parameters, which allows remote authenticated users with knowledge of a web-accessible and web-writeable directory… |
| CVE-2015-3198 | high | 7.5 | 7.5 | | | | 9y ago | The Undertow module of WildFly allows source code disclosure |
| CVE-2015-3297 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.1 through 1.5.2 allows remote attackers to read arbitrary files by leveraging replacement of backslashes with slashes in the … |
| CVE-2015-7781 | high | 7.5 | 7.5 | | | | 9y ago | ManageEngine Firewall Analyzer before 8.0 does not restrict access permissions. |
| CVE-2015-5180 | high | 7.5 | 7.5 | | | | 9y ago | res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NULL pointer dereference and process crash). |
| CVE-2015-2245 | high | 7.5 | 7.5 | | | | 9y ago | Huawei Ascend P7 allows remote attackers to cause a denial of service (phone process crash). |
| CVE-2015-3215 | high | 7.5 | 7.5 | | | | 9y ago | The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service (guest crash) via a crafted length value in an IP packet, as demonstrated by a value that does not account for th… |
| CVE-2015-7732 | high | 7.5 | 7.5 | | | | 9y ago | The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext. |
| CVE-2015-3913 | high | 7.5 | 7.5 | | | | 9y ago | The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a denial of service (reboot) via a crafted ICMP request message. |
| CVE-2015-3634 | high | 7.5 | 7.5 | | | | 9y ago | The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for WordPress allows remote attackers to read arbitrary WordPress option values. |
| CVE-2015-1379 | high | 7.5 | 7.5 | | | | 9y ago | The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to cause a denial of service (process freeze or crash). |
| CVE-2015-2800 | high | 7.5 | 7.5 | | | | 9y ago | The user authentication module in Huawei Campus switches S5700, S5300, S6300, and S6700 with software before V200R001SPH012 and S7700, S9300, and S9700 with software before V200R001SPH015 allows remo… |
| CVE-2015-2251 | high | 7.5 | 7.5 | | | | 9y ago | The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to obtain sensitive information via a crafted UDS patch with JavaScript. |
| CVE-2015-8235 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in Spiffy before 5.4. |
| CVE-2015-5175 | high | 7.5 | 7.5 | | | | 9y ago | Apache CXF Fediz application plugins are vulnerable to Denial of Service (DoS) attacks |
| CVE-2015-7888 | high | 7.5 | 7.5 | | | | 9y ago | Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via… |
| CVE-2015-6586 | high | 7.5 | 7.5 | | | | 9y ago | The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict proces… |
| CVE-2015-5682 | high | 7.5 | 7.5 | | | | 9y ago | upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable. |
| CVE-2015-5469 | high | 7.5 | 7.5 | | | | 9y ago | Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter to includes/do… |
| CVE-2015-5401 | high | 7.5 | 7.5 | | | | 9y ago | Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database cr… |
| CVE-2015-5383 | high | 7.5 | 7.5 | | | | 9y ago | Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory. |