Skip to main content
CVE-2015-0538 CRITICAL Act Now

ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Command Injection Autostart
NVD
CVSS 2.0
9.3
EPSS
5.9%
CVE-2015-0701 CRITICAL Act Now

Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via a crafted HTTP request, aka Bug ID CSCut46961. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Computing System Central Software
NVD
CVSS 2.0
10.0
EPSS
1.1%
CVE-2015-0716 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11.0(0.98000.225) and 11.0(0.98000.332) allows remote attackers to hijack the authentication of. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Unity Connection
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-0715 MEDIUM This Month

SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote authenticated users to execute arbitrary SQL commands via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco SQLi Unity Connection
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2015-3610 MEDIUM This Month

The Siemens HomeControl for Room Automation application before 2.0.1 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and. Rated medium severity (CVSS 5.4). No vendor patch available.

Google Information Disclosure Siemens Homecontrol For Room Automation
NVD
CVSS 2.0
5.4
EPSS
0.1%
CVE-2015-0531 MEDIUM This Month

EMC SourceOne Email Management before 7.2 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Sourceone Email Management
NVD
CVSS 2.0
5.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy