Skip to main content
CVE-2014-9735 HIGH POC THREAT Act Now

The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.7%.

WordPress Privilege Escalation Showbiz Pro Slider Revolution
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
82.7%
Threat
5.5
CVE-2015-1930 HIGH POC THREAT Act Now

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 70.0%.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
70.0%
Threat
5.2
CVE-2015-5149 MEDIUM POC THREAT This Month

Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authenticated users to write to arbitrary files via a .. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 42.5%.

Path Traversal Zoho Manageengine Supportcenter Plus
NVD Exploit-DB
CVSS 2.0
5.5
EPSS
42.5%
CVE-2015-1986 CRITICAL Act Now

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1938. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 25.0% and no vendor patch available.

IBM Command Injection Tivoli Storage Manager Fastback
NVD
CVSS 2.0
10.0
EPSS
25.0%
CVE-2015-1949 CRITICAL Act Now

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands with SYSTEM privileges via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.4% and no vendor patch available.

IBM Command Injection Tivoli Storage Manager Fastback
NVD
CVSS 2.0
10.0
EPSS
14.4%
CVE-2015-1938 CRITICAL Act Now

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1986. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.3% and no vendor patch available.

IBM Command Injection Tivoli Storage Manager Fastback
NVD
CVSS 2.0
10.0
EPSS
14.3%
CVE-2015-5148 HIGH POC This Week

SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL commands via the search_query parameter to product/search. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Livelycart
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.1%
CVE-2014-9734 MEDIUM POC This Month

Directory traversal vulnerability in the Slider Revolution (revslider) plugin before 4.2 for WordPress allows remote attackers to read arbitrary files via a .. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal WordPress PHP Slider Revolution
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
5.2%
CVE-2015-1942 CRITICAL Act Now

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to write to arbitrary files, and subsequently execute these files, via a crafted TCP packet to an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM Information Disclosure Tivoli Storage Manager Fastback
NVD
CVSS 2.0
9.3
EPSS
2.5%
CVE-2015-1923 HIGH This Week

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
9.6%
CVE-2015-1941 HIGH This Week

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to read arbitrary files via a crafted TCP packet to an unspecified port. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
4.2%
CVE-2015-5151 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the client_action parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress PHP Slider Revolution
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-1953 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.4%
CVE-2015-1948 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.4%
CVE-2015-1929 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.4%
CVE-2015-1925 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.4%
CVE-2015-1924 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.4%
CVE-2015-1965 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.1%
CVE-2015-1964 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.1%
CVE-2015-1963 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.1%
CVE-2015-1962 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.1%
CVE-2015-1954 HIGH This Week

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Denial Of Service Buffer Overflow Tivoli Storage Manager Fastback
NVD
CVSS 2.0
7.8
EPSS
1.1%
CVE-2015-4227 HIGH This Week

Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors, aka Bug ID CSCus91838. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Headend System Release
NVD
CVSS 2.0
7.8
EPSS
0.9%
CVE-2015-5150 LOW POC Monitor

Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 allow remote authenticated users to inject arbitrary web script or HTML via the (1) query parameter in. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Zoho XSS Manageengine Supportcenter Plus
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
1.0%
CVE-2015-4226 HIGH This Week

The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) does not properly support the RTP protocol, which allows remote attackers to cause a denial of service (device hang) by sending. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Denial Of Service Unified Ip Phones 9900 Series Firmware
NVD
CVSS 2.0
7.1
EPSS
0.7%
CVE-2015-2966 MEDIUM This Month

Directory traversal vulnerability in the Droidware UK Explorer+ File Manager application before 2.3.3 for Android allows remote attackers to write to arbitrary files via unspecified vectors. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Google Explorer File Manager
NVD
CVSS 2.0
6.4
EPSS
0.4%
CVE-2015-4229 MEDIUM This Month

The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers to obtain sensitive information by visiting a bvsmweb URL, aka Bug ID CSCuq22589. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Communications Domain Manager
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-1913 MEDIUM PATCH This Month

Rational Test Control Panel in IBM Rational Test Workbench and Rational Test Virtualization Server 8.0.0.x before 8.0.0.5, 8.0.1.x before 8.0.1.6, 8.5.0.x before 8.5.0.4, 8.5.1.x before 8.5.1.5,. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

IBM Authentication Bypass Rational Test Virtualization Server Rational Test Workbench
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-1919 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in IBM Security QRadar Incident Forensics before 7.2.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

IBM XSS Security Qradar Incident Forensics
NVD
CVSS 2.0
4.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy