Skip to main content
CVE-2015-7650 MEDIUM This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2015-2903 MEDIUM This Month

The CWSAPI SOAP service in HP ArcSight SmartConnectors before 7.1.6 has a hardcoded password, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of. Rated medium severity (CVSS 6.9). No vendor patch available.

HP Information Disclosure Arcsight Smartconnectors
NVD
CVSS 2.0
6.9
EPSS
0.5%
CVE-2015-2902 MEDIUM This Month

HP ArcSight SmartConnectors before 7.1.6 do not verify X.509 certificates from Logger devices, which allows man-in-the-middle attackers to spoof devices and obtain sensitive information via a crafted. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

HP Information Disclosure Arcsight Smartconnectors
NVD
CVSS 2.0
6.8
EPSS
0.4%
CVE-2015-5673 MEDIUM This Month

eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015-10-30 makes improper popen calls, which allows remote attackers to execute arbitrary commands via an. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Isucon 5 Qualifier Eventapp
NVD GitHub
CVSS 2.0
6.5
EPSS
0.6%
CVE-2015-6029 MEDIUM This Month

HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, which makes it easier for remote attackers to obtain access via a brute-force approach. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

HP Information Disclosure Arcsight Logger
NVD
CVSS 2.0
5.0
EPSS
6.9%
CVE-2015-5021 MEDIUM PATCH This Month

IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenticated DataStage users to bypass intended job-execution restrictions or obtain sensitive information via unspecified vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Privilege Escalation Infosphere Information Server
NVD
CVSS 2.0
5.5
EPSS
0.5%
CVE-2015-6355 MEDIUM This Month

The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote attackers to obtain potentially sensitive version information by visiting an unspecified URL, aka Bug. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Unified Computing System
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-6356 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCuw60212. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Socialminer
NVD
CVSS 2.0
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy