Skip to main content
CVE-2015-1318 HIGH POC PATCH THREAT Act Now

The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container). Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 19.1%.

Privilege Escalation Apport
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
19.1%
CVE-2015-0691 CRITICAL Act Now

A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Cisco Secure Desktop
NVD
CVSS 2.0
9.3
EPSS
0.9%
CVE-2015-0695 HIGH This Week

Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, does not properly handle bridge-group virtual interface (BVI) traffic, which allows remote. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Denial Of Service Ios Xr
NVD
CVSS 2.0
7.8
EPSS
0.9%
CVE-2015-0845 HIGH This Week

Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attackers to execute arbitrary code via vectors related. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Movabletype
NVD
CVSS 2.0
7.5
EPSS
2.1%
CVE-2015-0530 HIGH This Week

Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x before 8.1.2.6, and 8.2.x before 8.2.1.2 allows local users to gain privileges via unknown vectors. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Networker
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-0700 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report section in Cisco Secure Access Control Server Solution Engine before 5.5(0.46.5) allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Secure Access Control Server Solution Engine
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-1856 MEDIUM PATCH This Month

OpenStack Object Storage (Swift) before 2.3.0, when allow_version is configured, allows remote authenticated users to delete the latest version of an object by leveraging listing access to the. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Swift Ubuntu Linux
NVD
CVSS 2.0
5.5
EPSS
1.0%
CVE-2015-0938 MEDIUM This Month

search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to bypass intended access restrictions, and list or read arbitrary. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP Information Disclosure Malware Analysis Appliance
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0937 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Malware Analysis Appliance
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2015-1852 MEDIUM PATCH This Month

The s3_token middleware in OpenStack keystonemiddleware before 1.6.0 and python-keystoneclient before 1.4.0 disables certification verification when the "insecure" option is set in a paste. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Python Information Disclosure Keystonemiddleware Python Keystoneclient Ubuntu Linux
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy