Skip to main content
CVE-2015-3903 MEDIUM POC PATCH This Month

libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

PHP Information Disclosure Phpmyadmin
NVD GitHub
CVSS 2.0
4.3
EPSS
1.2%
CVE-2015-3902 MEDIUM PATCH This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

CSRF Phpmyadmin
NVD GitHub
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-1008 MEDIUM This Month

SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated users to gain privileges via malformed input. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Ams Device Manager
NVD
CVSS 2.0
6.5
EPSS
0.5%
CVE-2015-1013 MEDIUM This Month

OSIsoft PI AF 2.6 and 2.7 and PI SQL for AF 2.1.2.19 do not ensure that the PI SQL (AF) Trusted Users group lacks the Everyone account, which allows remote authenticated users to bypass intended. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Pi Server Pi Sql For Af
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2015-3815 MEDIUM This Month

The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-3906 MEDIUM This Month

The logcat_dump_text function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a lack of \0 termination, which allows remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-3813 MEDIUM This Month

The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-3811 MEDIUM This Month

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Solaris Linux Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-3814 MEDIUM This Month

The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Solaris Wireshark
NVD
CVSS 2.0
5.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy