Skip to main content
CVE-2015-2125 MEDIUM POC THREAT This Month

Unspecified vulnerability in HP WebInspect 7.x through 10.4 before 10.4 update 1 allows remote authenticated users to bypass intended access restrictions via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 31.0%.

HP XXE Webinspect
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
31.0%
CVE-2014-7810 MEDIUM PATCH This Month

The Expression Language (EL) implementation in Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.58, and 8.x before 8.0.16 does not properly consider the possibility of an accessible interface. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Apache Tomcat Authentication Bypass Debian Linux
NVD
CVSS 2.0
5.0
EPSS
9.5%
CVE-2015-0770 MEDIUM This Month

CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integrator C SX20 devices allows remote attackers to inject arbitrary HTTP headers and conduct HTTP. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Code Injection Telepresence Tc Software
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-0112 MEDIUM PATCH This Month

Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, 4.x before 4.0.7 IF5, and 5.x before 5.0.2 IF4; Rational Quality Manager (RQM) 2.0 through 2.0.1,. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XXE Rational Requirements Composer Rhapsody Design Manager Rational Team Concert +5
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-6222 MEDIUM This Month

Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Marketing Operations
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2014-8887 MEDIUM This Month

IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Marketing Operations
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy