Skip to main content
CVE-2015-4062 MEDIUM POC PATCH THREAT This Month

SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the where1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.3%.

WordPress SQLi PHP Newstatpress
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
10.3%
CVE-2015-4064 MEDIUM POC PATCH This Month

SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to execute arbitrary SQL commands via the post. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress SQLi PHP Landing Pages
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
3.4%
CVE-2015-4066 MEDIUM POC PATCH This Month

Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for WordPress allow remote authenticated users to execute arbitrary SQL commands via the (1). Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

WordPress SQLi PHP Gigpress
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
2.7%
CVE-2015-3331 CRITICAL Act Now

The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service RCE Linux Buffer Overflow Linux Kernel +2
NVD GitHub
CVSS 2.0
9.3
EPSS
4.1%
CVE-2015-4063 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP Newstatpress
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
1.1%
CVE-2015-4065 LOW POC PATCH Monitor

Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing Pages plugin before 1.8.5 for WordPress allows remote authenticated users to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP Landing Pages
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
0.8%
CVE-2015-2922 LOW POC Monitor

The ndisc_router_discovery function in net/ipv6/ndisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in the Linux kernel before 3.19.6 allows remote attackers to. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Linux Linux Kernel Fedora Solaris +2
NVD GitHub
CVSS 2.0
3.3
EPSS
1.7%
CVE-2015-2666 MEDIUM PATCH This Month

Stack-based buffer overflow in the get_matching_model_microcode function in arch/x86/kernel/cpu/microcode/intel_early.c in the Linux kernel before 4.0 allows context-dependent attackers to gain. Rated medium severity (CVSS 6.9).

Linux Buffer Overflow Linux Kernel Fedora
NVD GitHub
CVSS 2.0
6.9
EPSS
0.1%
CVE-2014-9710 MEDIUM PATCH This Month

The Btrfs implementation in the Linux kernel before 3.19 does not ensure that the visible xattr state is consistent with a requested replacement, which allows local users to bypass intended ACL. Rated medium severity (CVSS 6.9).

Race Condition Linux Authentication Bypass Linux Kernel
NVD GitHub
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-3339 MEDIUM This Month

Race condition in the prepare_binprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root. Rated medium severity (CVSS 6.2). No vendor patch available.

Information Disclosure Race Condition Linux Linux Kernel Debian Linux
NVD GitHub
CVSS 2.0
6.2
EPSS
0.0%
CVE-2015-3922 MEDIUM This Month

Open redirect vulnerability in mode.php in Coppermine Photo Gallery before 1.5.36 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

PHP Open Redirect Coppermine Photo Gallery
NVD
CVSS 2.0
5.8
EPSS
0.3%
CVE-2015-3332 MEDIUM This Month

A certain backport in the TCP Fast Open implementation for the Linux kernel before 3.18 does not properly maintain a count value, which allow local users to cause a denial of service (system crash). Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Canonical Denial Of Service Google Linux Debian Linux +2
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2014-9715 MEDIUM This Month

include/net/netfilter/nf_conntrack_extend.h in the netfilter subsystem in the Linux kernel before 3.14.5 uses an insufficiently large data type for certain extension data, which allows local users to. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.0%
CVE-2015-3921 LOW Monitor

Cross-site scripting (XSS) vulnerability in contact.php in Coppermine Photo Gallery before 1.5.36 allows remote authenticated users to inject arbitrary web script or HTML via the referer parameter. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Coppermine Photo Gallery
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-2830 LOW Monitor

arch/x86/kernel/entry_64.S in the Linux kernel before 3.19.2 does not prevent the TS_COMPAT flag from reaching a user-mode task, which might allow local users to bypass the seccomp or audit. Rated low severity (CVSS 1.9). No vendor patch available.

Privilege Escalation Linux Debian Linux Linux Kernel Ubuntu Linux
NVD GitHub
CVSS 2.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy