Skip to main content
CVE-2015-6830 MEDIUM POC PATCH THREAT This Month

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 21.2%.

PHP Information Disclosure Phpmyadmin
NVD GitHub Exploit-DB
CVSS 2.0
5.0
EPSS
21.2%
CVE-2015-6285 MEDIUM This Month

Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote attackers to cause a denial of service (memory overwrite or service outage) via format string. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Email Security Appliance
NVD
CVSS 2.0
6.4
EPSS
0.4%
CVE-2015-6286 MEDIUM This Month

Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexConnect is enabled, allows remote attackers to cause a denial of service (access-point outage) via a crafted UDP packet, aka Bug ID. Rated medium severity (CVSS 5.7). No vendor patch available.

Cisco Denial Of Service Application Visibility And Control
NVD
CVSS 2.0
5.7
EPSS
0.2%
CVE-2014-9745 MEDIUM This Month

The parse_encoding function in type1/t1load.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (infinite loop) via a "broken number-with-base" in a Postscript stream, as. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Freetype Debian Linux Ubuntu Linux Opensuse
NVD
CVSS 2.0
5.0
EPSS
2.9%
CVE-2015-6287 MEDIUM This Month

Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial of service (service outage) via a flood of TCP traffic that leads to DNS resolution delays, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Web Security Virtual Appliance
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-6288 MEDIUM This Month

Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, which allows remote attackers to cause a denial of service (rapid log-file rollover and application. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Content Security Management Appliance
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-2013 MEDIUM PATCH This Month

IBM WebSphere MQ 7.0.1 before 7.0.1.13 allows remote attackers to cause a denial of service (channel-agent abend and process outage) via a crafted selection string in an MQI call. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

IBM Denial Of Service Websphere Mq
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-6290 MEDIUM This Month

Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (memory consumption from stale TCP connections) via crafted responses, aka Bug ID CSCuw10426. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Cisco Buffer Overflow Web Security Virtual Appliance
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-4980 MEDIUM PATCH This Month

Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through 7.0.0.9 allows remote authenticated users to obtain sensitive personal information via unknown vectors. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Websphere Commerce
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy