Skip to main content
CVE-2015-2682 MEDIUM POC THREAT This Month

Citrix Command Center before 5.1 Build 35.4 and 5.2 before Build 42.7 allows remote attackers to obtain credentials via a direct request to conf/securitydbData.xml. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 34.7%.

Citrix Information Disclosure Command Center
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
34.7%
CVE-2015-2746 MEDIUM POC THREAT This Month

The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility (CLU) in Websense TRITON 7.8.3 and V-Series appliances before 7.8.4 Hotfix 02 allows remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.9%.

Command Injection Triton V Series Appliances
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
23.9%
CVE-2015-2748 MEDIUM POC This Month

Websense TRITON AP-WEB before 8.0.0 does not properly restrict access to files in explorer_wse/, which allows remote attackers to obtain sensitive information via a direct request to a (1) Web. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Triton Ap Data Triton Ap Email Triton Ap Web V Series Appliances
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-2747 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in the data loss prevention (DLP) incident Forensics Preview in Websense Triton 7.8.3 and V-Series 7.7 appliances allow remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Triton V Series Appliances
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0279 MEDIUM This Month

JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via the do parameter. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Java RCE Code Injection Richfaces
NVD
CVSS 2.0
6.8
EPSS
2.5%
CVE-2015-0672 MEDIUM This Month

The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denial of service (service outage) via a flood of crafted DHCP packets, aka Bug ID CSCup67822. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service Ios Xr
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0673 MEDIUM This Month

Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote authenticated users to discover the passwords of arbitrary users by (1) reading log files or (2) using an unspecified GUI feature, aka. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Mobility Services Engine
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy