Skip to main content
CVE-2015-4716 CRITICAL Act Now

Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x before 8.0.4, when running on Windows, allows remote attackers to reinstall the application or. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.6% and no vendor patch available.

Path Traversal RCE Microsoft Owncloud Owncloud Server +1
NVD
CVSS 2.0
10.0
EPSS
18.6%
CVE-2015-4843 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.1%.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
14.1%
CVE-2015-4844 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.4%.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
10.4%
CVE-2015-4883 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
8.2%
CVE-2015-4860 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
8.2%
CVE-2015-4796 CRITICAL Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.7% and no vendor patch available.

Oracle Information Disclosure Java Microsoft Database Server +1
NVD
CVSS 2.0
9.0
EPSS
12.7%
CVE-2015-4881 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
7.5%
CVE-2015-4805 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
6.5%
CVE-2015-4835 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
4.9%
CVE-2015-4798 CRITICAL PATCH Act Now

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
10.0
EPSS
2.7%
CVE-2015-4839 CRITICAL PATCH Act Now

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle E Business Suite
NVD
CVSS 2.0
10.0
EPSS
2.6%
CVE-2015-4863 CRITICAL PATCH Act Now

Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2015-2608 CRITICAL Act Now

Unspecified vulnerability in (1) the Oracle Communications Diameter Signaling Router (DSR) component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oracle Communications Applications
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2015-4821 CRITICAL Act Now

Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Oracle Oracle And Sun Systems Product Suite
NVD
CVSS 2.0
9.3
EPSS
0.7%
CVE-2015-4718 CRITICAL Act Now

The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x before 8.0.4 allows remote authenticated users to execute arbitrary SMB commands via a ; (semicolon). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Owncloud Owncloud Server
NVD
CVSS 2.0
9.0
EPSS
1.0%
CVE-2015-7698 CRITICAL PATCH Act Now

icewind1991 SMB before 1.0.3 allows remote authenticated users to execute arbitrary SMB commands via shell metacharacters in the user argument in the (1) listShares function in Server.php or the (2). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection PHP Smb Owncloud
NVD GitHub
CVSS 2.0
9.0
EPSS
0.9%
CVE-2015-4794 CRITICAL Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy