Skip to main content
CVE-2015-2134 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in HP System Management Homepage (SMH) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via unknown. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

HP CSRF System Management Homepage
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2015-2869 MEDIUM This Month

The FileInfo plugin before 2.22 for Ghisler Total Commander allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via (1) a large Size value in the Archive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Total Commander
NVD
CVSS 2.0
5.0
EPSS
1.8%
CVE-2015-5610 MEDIUM This Month

The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same password decryption key across different customers' installations, which makes it easier for remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure N Able N Central
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-1905 MEDIUM PATCH This Month

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Business Process Manager
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy