Skip to main content
CVE-2015-2843 HIGH POC THREAT Act Now

Multiple SQL injection vulnerabilities in GoAutoDial GoAdmin CE before 3.3-1421902800 allow remote attackers to execute arbitrary SQL commands via the (1) user_name or (2) user_pass parameter in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 80.0%.

PHP SQLi Goadmin Ce
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
80.0%
Threat
5.4
CVE-2015-2219 HIGH POC THREAT Act Now

Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 uses predictable security tokens, which allows local users to gain privileges by sending a valid token with a command to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 29.6%.

Privilege Escalation Lenovo System Update
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
29.6%
CVE-2015-2233 HIGH This Week

Lenovo System Update (formerly ThinkVantage System Update) before 5.06.0034 does not properly validate CA chains during signature validation, which allows man-in-the-middle attackers to upload and. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Lenovo System Update
NVD
CVSS 2.0
8.3
EPSS
0.1%
CVE-2015-2829 HIGH PATCH This Week

Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway before 10.5 Build 53.9 through 55.8 and 10.5.e Build 53-9010.e allow remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Citrix Netscaler Application Delivery Controller Firmware Netscaler Gateway Firmware
NVD
CVSS 2.0
7.8
EPSS
1.3%
CVE-2015-3979 HIGH This Week

Unspecified vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary code via unknown vectors, aka SAP Security Note 2097534. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE SAP Customer Relationship Management
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2015-3980 HIGH This Week

SQL injection vulnerability in the Business Rules Framework (CRM-BF-BRF) in SAP CRM allows attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2097534. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi SAP Customer Relationship Management
NVD
CVSS 2.0
7.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy