Skip to main content
CVE-2015-2275 MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in WoltLab Community Gallery 2.0 before 2014-12-26 allows remote attackers to inject arbitrary web script or HTML via the parameters[data][7][title] parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 14.0%.

XSS PHP Community Gallery
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
14.0%
CVE-2015-2241 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in the contents function in admin/helpers.py in Django before 1.7.6 and 1.8 before 1.8b2 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Python Django
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1065 MEDIUM This Month

Multiple buffer overflows in iCloud Keychain in Apple iOS before 8.2 and Apple OS X through 10.10.2 allow man-in-the-middle attackers to execute arbitrary code by modifying the client-server data. Rated medium severity (CVSS 5.4). No vendor patch available.

Apple Buffer Overflow RCE Mac Os X Iphone Os
NVD
CVSS 2.0
5.4
EPSS
0.2%
CVE-2015-1062 MEDIUM This Month

MobileStorageMounter in Apple iOS before 8.2 and Apple TV before 7.1 does not delete invalid disk-image folders, which allows attackers to create folders in arbitrary filesystem locations via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Information Disclosure Tvos Iphone Os
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-2150 MEDIUM This Month

Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Linux Ubuntu Xen +1
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2015-0522 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9 build 558 allows remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Rsa Certificate Manager Rsa Registration Manager
NVD
CVSS 2.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy