Skip to main content
CVE-2015-6555 HIGH This Week

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Java RCE Code Injection Endpoint Protection Manager
NVD
CVSS 2.0
8.5
EPSS
1.6%
CVE-2015-6554 HIGH This Week

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Endpoint Protection Manager
NVD
CVSS 2.0
7.5
EPSS
1.7%
CVE-2015-8113 HIGH This Week

Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 before 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Endpoint Protection
NVD
CVSS 2.0
7.2
EPSS
0.2%
CVE-2015-7818 HIGH This Week

The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

IBM Apache Privilege Escalation Lenovo System Networking Switch Center +1
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-7820 HIGH This Week

Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM Race Condition Path Traversal Lenovo Switch Center +1
NVD
CVSS 2.0
7.1
EPSS
0.2%
CVE-2015-7817 HIGH This Week

Race condition in the administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

IBM Race Condition Path Traversal Lenovo System Networking Switch Center +1
NVD
CVSS 2.0
7.1
EPSS
0.2%
CVE-2015-7819 MEDIUM This Month

The DB service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Lenovo Authentication Bypass Switch Center System Networking Switch Center
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-5441 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ArcSight Logger before 6.1 allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS HP Archsight Management Center Arcsight Logger
NVD
CVSS 2.0
4.3
EPSS
0.7%
CVE-2015-6363 LOW Monitor

Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco FireSIGHT Management Center (MC) 5.4.1.4 and 6.0.1 allow remote authenticated users to inject arbitrary web script or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Firesight System Software
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy