Skip to main content
CVE-2015-6946 CRITICAL POC THREAT Emergency

Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 37.1%.

RCE Buffer Overflow Accurev
NVD
CVSS 2.0
9.3
EPSS
37.1%
Threat
4.5
CVE-2015-5472 HIGH POC This Week

Absolute path traversal vulnerability in lib/download.php in the IBS Mappro plugin before 1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal WordPress PHP Ibs Mappro
NVD
CVSS 2.0
7.8
EPSS
0.9%
CVE-2015-6949 CRITICAL Act Now

Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

RCE Buffer Overflow Tm 1900
NVD
CVSS 2.0
9.3
EPSS
8.0%
CVE-2015-6944 MEDIUM POC This Month

Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to hijack the authentication of users for requests that execute arbitrary SQL commands via the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

CSRF Jsp Mysql Administrador Web
NVD Exploit-DB
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-6943 MEDIUM POC PATCH This Month

SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comments.inc.php in Serendipity before 2.0.2, when "Use Tokens for Comment Moderation" is enabled,. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. Public exploit code available.

PHP SQLi Serendipity
NVD
CVSS 2.0
6.0
EPSS
0.3%
CVE-2015-4947 CRITICAL Act Now

Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47, 7.0.0.x before 7.0.0.39, 8.0.0.x before 8.0.0.12, and 8.5.x before 8.5.5.7, as used in WebSphere. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM RCE Buffer Overflow Http Server
NVD
CVSS 2.0
9.0
EPSS
5.0%
CVE-2015-6945 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to inject arbitrary web script or HTML via the bd parameter to sys/sys/listaBD2.jsp. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS Jsp Mysql Administrador Web
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
3.5%
CVE-2015-6948 MEDIUM This Month

Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect allows remote attackers to execute arbitrary code via a crafted document. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Buffer Overflow Microsoft Wordperfect
NVD
CVSS 2.0
6.8
EPSS
3.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy