Skip to main content
CVE-2015-7614 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2015-6695 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6694 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6693 MEDIUM PATCH This Month

The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6686 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6685 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7623 MEDIUM PATCH This Month

The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7620 MEDIUM PATCH This Month

The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7616 MEDIUM PATCH This Month

The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6725 MEDIUM PATCH This Month

The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6724 MEDIUM PATCH This Month

The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6723 MEDIUM PATCH This Month

The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6722 MEDIUM PATCH This Month

The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6721 MEDIUM PATCH This Month

The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6720 MEDIUM PATCH This Month

The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6719 MEDIUM PATCH This Month

The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6718 MEDIUM PATCH This Month

The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6717 MEDIUM PATCH This Month

The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6716 MEDIUM PATCH This Month

The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6715 MEDIUM PATCH This Month

The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6714 MEDIUM PATCH This Month

The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6712 MEDIUM PATCH This Month

The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6711 MEDIUM PATCH This Month

The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6710 MEDIUM PATCH This Month

The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6709 MEDIUM PATCH This Month

The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6708 MEDIUM PATCH This Month

The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6707 MEDIUM PATCH This Month

The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7366 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.2.2 allow remote attackers to hijack the authentication of users for requests that (1) perform certain plugin. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF PHP Denial Of Service Revive Adserver
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-7364 MEDIUM PATCH This Month

The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Revive Adserver
NVD GitHub
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-6051 MEDIUM PATCH This Month

Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
9.8%
CVE-2015-6037 LOW Monitor

Cross-site scripting (XSS) vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, and. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Epss exploitation probability 10.2% and no vendor patch available.

XSS Microsoft Excel Web App Office Web Apps Sharepoint Foundation +1
NVD
CVSS 2.0
3.5
EPSS
10.2%
CVE-2015-6692 MEDIUM PATCH This Month

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Adobe Buffer Overflow Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.3%
CVE-2015-7624 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-6706 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-6705 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-6700 MEDIUM PATCH This Month

The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
5.0
EPSS
2.1%
CVE-2015-7371 MEDIUM This Month

Revive Adserver before 3.2.2 does not restrict access to run-mpe.php, which allows remote attackers to run the Maintenance Priority Engine and possibly cause a denial of service (resource. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service PHP Privilege Escalation Revive Adserver
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-5583 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
3.0%
CVE-2015-6039 LOW Monitor

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
3.5
EPSS
6.6%
CVE-2015-6704 MEDIUM PATCH This Month

The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6703 MEDIUM PATCH This Month

The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6702 MEDIUM PATCH This Month

The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6701 MEDIUM PATCH This Month

The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-6699 MEDIUM PATCH This Month

The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
4.3
EPSS
2.1%
CVE-2015-7370 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in open-flash-chart.swf in Open Flash Chart 2, as used in the VideoAds plugin in Revive Adserver before 3.2.2 and CA Release Automation (formerly. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Revive Adserver
NVD
CVSS 2.0
4.3
EPSS
0.5%
CVE-2015-7373 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the "magic-macros" feature in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via a GET parameter, which is not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Revive Adserver
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-7365 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the plugin upgrade form in Revive Adserver before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via the filename of an uploaded file. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Revive Adserver
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-7368 LOW PATCH Monitor

Revive Adserver before 3.2.2 does not send the appropriate Cache-Control HTTP headers in responses for admin UI pages, which allows local users to obtain sensitive information via the web browser. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Revive Adserver
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy