Skip to main content
CVE-2015-2137 CRITICAL PATCH Act Now

Unspecified vulnerability in HP Operations Manager i (OMi) 9.22, 9.23, 9.24, 9.25, 10.00, and 10.01 allows remote attackers to execute arbitrary code via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.3%.

HP RCE Operations Manager I
NVD
CVSS 2.0
10.0
EPSS
27.3%
CVE-2014-1972 HIGH PATCH This Week

Apache Tapestry before 5.3.6 relies on client-side object storage without checking whether a client has modified an object, which allows remote attackers to cause a denial of service (resource. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Apache Tapestry
NVD
CVSS 2.0
7.8
EPSS
8.8%
CVE-2015-5406 CRITICAL Act Now

HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Centralview Revenue Leakage Control Centralview Credit Risk Control Centralview Subscription Fraud Prevention +3
NVD
CVSS 2.0
9.0
EPSS
0.4%
CVE-2015-2983 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in admin.php in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote attackers to hijack the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF PHP Photo Gallery Cms Free
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-5408 MEDIUM This Month

HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control. Rated medium severity (CVSS 6.0). No vendor patch available.

HP Information Disclosure Centralview Fraud Risk Management Centralview Roaming Fraud Control Centralview Credit Risk Control +3
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2015-5407 MEDIUM This Month

HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, 4.2, and 4.3; CentralView Dealer Performance Audit 2.0 and 2.1; CentralView Credit Risk Control. Rated medium severity (CVSS 6.0). No vendor patch available.

HP Information Disclosure Centralview Revenue Leakage Control Centralview Fraud Risk Management Centralview Subscription Fraud Prevention +3
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2015-2984 MEDIUM This Month

I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service (SSDP reflection) via UPnP requests. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Privilege Escalation Wn G54 R2 Firmware
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-6256 MEDIUM This Month

Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote attackers to cause a denial of service (OSPF process restart) via crafted length fields in headers of OSPF packets, aka Bug ID. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Asr 5000 Series Software
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-4938 MEDIUM This Month

IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 allows remote attackers to spoof servlets and obtain sensitive information via unspecified. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Websphere Application Server
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-1932 MEDIUM This Month

IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.7 and WebSphere Virtual Enterprise before 7.0.0.7 allow remote attackers to obtain potentially. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Websphere Virtual Enterprise Websphere Application Server
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-6258 MEDIUM This Month

The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with software 8.1(104.37) allows remote attackers to trigger incorrect traffic forwarding via crafted. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Wireless Lan Controller Software
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-2132 MEDIUM PATCH This Month

Unspecified vulnerability in the execve system-call implementation in HP HP-UX B.11.11, B.11.23, and B.11.31 allows local users to gain privileges via unknown vectors. Rated medium severity (CVSS 4.4).

HP Information Disclosure Operations Manager I
NVD
CVSS 2.0
4.4
EPSS
0.1%
CVE-2015-2982 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in jquery.lightbox-0.5.min.js in PHP Kobo Photo Gallery CMS for PC, smartphone and feature phone 1.0.1 Free and earlier allows remote authenticated users to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS PHP Photo Gallery Cms Free
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-4537 LOW Monitor

Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox file, which makes it easier for remote authenticated users to decrypt admin tickets by locating. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Documentum D2
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-4331 LOW Monitor

Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows remote authenticated users to bypass intended access restrictions via a username with a modified. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Cisco Privilege Escalation Prime Infrastructure
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy