Skip to main content
CVE-2015-7881 LOW PATCH Monitor

The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with certain permissions to bypass intended access restrictions and "add unexpected content to a Colorbox" via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

Authentication Bypass Colorbox
NVD
CVSS 2.0
3.5
EPSS
0.1%
CVE-2015-5011 LOW PATCH Monitor

IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check authorization for MQSISTARTMSGFLOW and MQSISTOPMSGFLOW commands, which allows local users to bypass. Rated low severity (CVSS 3.2), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

IBM Command Injection Websphere Message Broker Integration Bus
NVD
CVSS 2.0
3.2
EPSS
0.1%
CVE-2015-4456 LOW Monitor

ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of errors to be ignored, which allows man-in-the-middle attackers to bypass the user's certificate. Rated low severity (CVSS 2.6), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Owncloud Desktop Client
NVD GitHub
CVSS 2.0
2.6
EPSS
0.2%
CVE-2015-3218 LOW Monitor

The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in PolicyKit (aka polkit) before 0.113 allows local users to cause a denial of service (NULL pointer. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Polkit
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-5448 LOW PATCH Monitor

HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local users to obtain sensitive information via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

HP Information Disclosure Asset Manager
NVD
CVSS 2.0
2.1
EPSS
0.1%
CVE-2015-4981 LOW PATCH Monitor

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum Scale 4.1.1.x before 4.1.1.2 allow local users to obtain sensitive information from system memory. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure General Parallel File System Spectrum Scale
NVD
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy