Skip to main content
CVE-2015-5611 HIGH This Week

Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles (FCA) from 2013 to 2015 models, allows remote attackers in the same cellular network to control. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Uconnect
NVD
CVSS 2.0
8.3
EPSS
4.1%
CVE-2015-4283 HIGH This Week

Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP service outage) via (1) a SYN flood or (2) another type. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Videoscape Policy Resource Manager
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2015-4554 HIGH This Week

Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spotfire Analyst before 5.5.2, 6.0.x before 6.0.3, 6.5.x before 6.5.3, and 7.0.x before 7.0.1; Spotfire. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Spotfire Deployment Kit Spotfire Professional Spotfire Web Player Spotfire Desktop +5
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2015-2134 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

HP CSRF System Management Homepage
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2015-2869 MEDIUM This Month

The FileInfo plugin before 2.22 for Ghisler Total Commander allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via (1) a large Size value in the Archive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Total Commander
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2015-5610 MEDIUM This Month

The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure N Able N Central
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-1905 MEDIUM PATCH This Month

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Business Process Manager
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2015-1906 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Business Process Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy