Skip to main content
CVE-2015-0907 MEDIUM This Month

Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Buffer Overflow Lhaplus
NVD
CVSS 2.0
6.8
EPSS
3.3%
CVE-2015-0693 HIGH This Week

Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Cisco Python RCE Web Security Appliance
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-1897 HIGH PATCH This Week

Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

IBM Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-1898 HIGH PATCH This Week

Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

IBM Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-0906 MEDIUM This Month

Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Lhaplus
NVD
CVSS 2.0
5.8
EPSS
0.5%
CVE-2015-0697 MEDIUM This Month

Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Open Redirect Telepresence Tc Software
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2015-0699 MEDIUM This Month

SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote attackers to execute arbitrary SQL commands. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unified Communications Domain Manager
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0345 MEDIUM PATCH This Month

Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before Update 5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

XSS Adobe Coldfusion
NVD
CVSS 2.0
4.3
EPSS
3.2%
CVE-2015-0698 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allow remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Web Security Appliance
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0696 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Telepresence Tc Software
NVD
CVSS 2.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy