Skip to main content
CVE-2015-3221 MEDIUM POC PATCH THREAT This Month

OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash). Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.6%.

Denial Of Service Neutron
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
12.6%
CVE-2015-5409 HIGH This Week

Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to modify data or cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP Buffer Overflow Version Control Repository Manager
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2015-3239 LOW POC Monitor

Off-by-one error in the dwarf_to_unw_regnum function in include/dwarf_i.h in libunwind 1.1 allows local users to have unspecified impact via invalid dwarf opcodes. Rated low severity (CVSS 3.3). Public exploit code available and no vendor patch available.

Information Disclosure Libunwind
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2015-4173 MEDIUM This Month

Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before. Rated medium severity (CVSS 6.9). No vendor patch available.

Sonicwall Information Disclosure Dell Microsoft Netextender
NVD
CVSS 2.0
6.9
EPSS
0.3%
CVE-2015-5411 MEDIUM This Month

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Version Control Repository Manager
NVD
CVSS 2.0
6.8
EPSS
0.3%
CVE-2015-5410 MEDIUM This Month

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execute arbitrary code or cause a denial of service via unspecified vectors. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service HP RCE Version Control Repository Manager
NVD
CVSS 2.0
6.5
EPSS
0.6%
CVE-2015-5412 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to hijack the authentication of unspecified victims via. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

HP CSRF Version Control Repository Manager
NVD
CVSS 2.0
6.0
EPSS
0.1%
CVE-2013-7424 MEDIUM This Month

The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is used, allows context-dependent attackers to cause a denial of service (invalid free) and possibly. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Glibc
NVD
CVSS 2.0
5.1
EPSS
0.8%
CVE-2015-3158 MEDIUM PATCH This Month

The invokeNextValve function in identity/federation/bindings/tomcat/idp/AbstractIDPValve.java in PicketLink before 2.8.0.Beta1 does not properly check role based authorization, which allows remote. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Tomcat Privilege Escalation Java Picketlink
NVD GitHub
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-5413 MEDIUM This Month

HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain privileges and obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Privilege Escalation Version Control Repository Manager
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2015-6261 MEDIUM This Month

Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated users to bypass intended access restrictions and read configuration files by leveraging the Mobile. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Telepresence Video Communication Server Software
NVD
CVSS 2.0
4.0
EPSS
0.1%
CVE-2015-4037 LOW Monitor

The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predictable names, which allows local users to cause a denial of service (instantiation failure) by. Rated low severity (CVSS 1.9). No vendor patch available.

Denial Of Service Qemu
NVD
CVSS 2.0
1.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy