Skip to main content
CVE-2015-2853 MEDIUM This Month

Session fixation vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers to hijack web. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Ssl Visibility Appliance Sv3800 Firmware Ssl Visibility Appliance Sv2800 Firmware Ssl Visibility Appliance Sv1800 Firmware Ssl Visibility Appliance Sv800 Firmware
NVD
CVSS 2.0
6.8
EPSS
1.5%
CVE-2015-2851 MEDIUM This Month

client_chown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Synology Privilege Escalation Cloud Station
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2015-0743 MEDIUM This Month

Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP outage) via a flood of crafted UDP traffic, aka Bug ID CSCus04097. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Headend Digital Broadband Delivery System Headend System Release
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-0745 MEDIUM This Month

Cisco Headend System Release allows remote attackers to read temporary script files or archive files, and consequently obtain sensitive information, via a crafted header in an HTTP request, aka Bug. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Headend Digital Broadband Delivery System Headend System Release
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-2854 MEDIUM This Month

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not send a restrictive X-Frame-Options HTTP header, which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Ssl Visibility Appliance Sv800 Firmware Ssl Visibility Appliance Sv1800 Firmware Ssl Visibility Appliance Sv2800 Firmware Ssl Visibility Appliance Sv3800 Firmware
NVD
CVSS 2.0
4.3
EPSS
2.6%
CVE-2015-4138 MEDIUM This Month

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Ssl Visibility Appliance Sv1800 Firmware Ssl Visibility Appliance Sv800 Firmware Ssl Visibility Appliance Sv3800 Firmware Ssl Visibility Appliance Sv2800 Firmware
NVD
CVSS 2.0
4.3
EPSS
1.8%
CVE-2015-2855 MEDIUM This Month

The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not set the secure flag for the administrator's cookie in an https. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Ssl Visibility Appliance Sv800 Firmware Ssl Visibility Appliance Sv1800 Firmware Ssl Visibility Appliance Sv3800 Firmware Ssl Visibility Appliance Sv2800 Firmware
NVD
CVSS 2.0
4.3
EPSS
1.8%
CVE-2015-2852 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 allows remote attackers. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Ssl Visibility Appliance Sv2800 Firmware Ssl Visibility Appliance Sv1800 Firmware Ssl Visibility Appliance Sv3800 Firmware Ssl Visibility Appliance Sv800 Firmware
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0733 MEDIUM This Month

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Headend Digital Broadband Delivery System
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-0747 MEDIUM This Month

Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject arbitrary cookies via a crafted HTTP request, aka Bug ID CSCuh25408. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Code Injection Videoscape Conductor Headend Digital Broadband Delivery System Headend System Release
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-0758 MEDIUM This Month

The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco XXE Information Disclosure Unified Meetingplace
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy