Skip to main content
CVE-2015-0779 CRITICAL POC THREAT Emergency

Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 80.1%.

Path Traversal RCE Zenworks Configuration Management
NVD GitHub Exploit-DB
CVSS 2.0
10.0
EPSS
80.1%
Threat
5.9
CVE-2015-2125 MEDIUM POC THREAT This Month

Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 31.0%.

HP XXE Webinspect
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
31.0%
CVE-2015-4004 HIGH POC This Week

The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packet parsing, which allows remote attackers to obtain sensitive information from kernel memory or. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Linux Buffer Overflow Ubuntu Linux Linux Kernel
NVD
CVSS 2.0
8.5
EPSS
4.3%
CVE-2015-4001 CRITICAL PATCH Act Now

Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Linux Linux Kernel
NVD GitHub
CVSS 2.0
9.0
EPSS
5.9%
CVE-2015-4002 CRITICAL PATCH Act Now

drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service RCE Linux Buffer Overflow Linux Kernel +2
NVD GitHub
CVSS 2.0
9.0
EPSS
3.7%
CVE-2014-0230 HIGH PATCH This Week

Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Tomcat Denial Of Service Apache Virtualization
NVD
CVSS 2.0
7.8
EPSS
3.1%
CVE-2015-4003 HIGH PATCH This Week

The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (divide-by-zero. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
7.8
EPSS
1.2%
CVE-2015-0767 HIGH This Week

Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local users to obtain root privileges via unspecified commands, aka Bug ID CSCur18132. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Cisco Privilege Escalation Edge 340 Firmware
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2014-7810 MEDIUM PATCH This Month

The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Apache Tomcat Authentication Bypass Debian Linux
NVD
CVSS 2.0
5.0
EPSS
9.5%
CVE-2015-0770 MEDIUM This Month

CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Code Injection Telepresence Tc Software
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0112 MEDIUM PATCH This Month

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1,. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XXE Rational Requirements Composer Rhapsody Design Manager Rational Team Concert +5
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-6222 MEDIUM This Month

Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Marketing Operations
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-8887 MEDIUM This Month

IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Marketing Operations
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2014-6175 LOW Monitor

Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Marketing Operations
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy