Skip to main content
CVE-2015-7612 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations page in Enterprise Manager in McAfee Vulnerability Manager (MVM) 7.5.9 and earlier allow remote attackers to hijack the. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Vulnerability Manager
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-3844 MEDIUM This Month

The getProcessRecordLocked method in services/core/java/com/android/server/am/ActivityManagerService.java in ActivityManager in Android before 5.1.1 LMY48I allows attackers to trigger incorrect. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Java Privilege Escalation Google Android
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-3845 MEDIUM This Month

The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation,. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Google Android
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-3826 MEDIUM This Month

The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Buffer Overflow Android
NVD
CVSS 2.0
5.0
EPSS
1.4%
CVE-2015-3861 MEDIUM This Month

Multiple integer overflows in the addVorbisCodecInfo function in matroska/MatroskaExtractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allow remote attackers to cause a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Android
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2015-3833 MEDIUM This Month

The getRunningAppProcesses function in services/core/java/com/android/server/am/ActivityManagerService.java in Android before 5.1.1 LMY48I allows attackers to bypass intended getRecentTasks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Java Authentication Bypass Android
NVD
CVSS 2.0
4.3
EPSS
0.1%
CVE-2015-1541 MEDIUM This Month

The AppWidgetServiceImpl implementation in com/android/server/appwidget/AppWidgetServiceImpl.java in the Settings application in Android before 5.1.1 LMY48I allows attackers to obtain a URI. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Google Java Authentication Bypass Android
NVD
CVSS 2.0
4.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy