Skip to main content
CVE-2015-6535 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed plugin before 3.3.3 for WordPress allows remote administrators to inject arbitrary web script or HTML. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS WordPress PHP Youtube Embed
NVD
CVSS 2.0
3.5
EPSS
0.5%
CVE-2014-2329 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in Check_MK before 1.2.2p3 and 1.2.3x before 1.2.3i5 allow remote authenticated users to inject arbitrary web script or HTML via the (1) agent. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Check Mk
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-6751 LOW PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracker module 7.x-1.x before 7.x-1.4 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Time Tracker
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-6753 LOW PATCH Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 for Drupal allow remote authenticated users with certain permissions to inject arbitrary web script. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

XSS Quick Edit
NVD
CVSS 2.0
3.5
EPSS
0.1%
CVE-2015-6754 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs module 7.x-3.x before 7.x-3.3 for Drupal allows remote authenticated users with the "Administer Path. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Path Breadcrumbs
NVD
CVSS 2.0
2.1
EPSS
0.2%
CVE-2015-6752 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1.3 for Drupal, when the search index is configured to use the HTML filter processor, allows remote. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable.

XSS Search Api Autocomplete
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-6746 LOW Monitor

Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL database, which allows remote attackers to spoof communications with banks via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Banking
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-5697 LOW Monitor

The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize a certain bitmap data structure, which allows local users to obtain sensitive information from. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Linux Information Disclosure Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-3291 LOW Monitor

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not properly determine when nested NMI processing is occurring, which allows local users to cause a denial of. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
CVE-2014-9731 LOW Monitor

The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target's name along with a trailing \0 character, which allows local. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Linux Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy