Skip to main content
CVE-2015-7774 MEDIUM PATCH This Month

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users to execute arbitrary OS commands by leveraging the editor role. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection PHP Pwebmanager
NVD
CVSS 2.0
6.5
EPSS
0.6%
CVE-2015-6364 MEDIUM This Month

Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager allows remote attackers to obtain sensitive information via crafted URLs in REST API requests, aka. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Videoscape Distribution Suite Service Manager
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-7427 MEDIUM This Month

IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Datapower Gateway
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-6365 MEDIUM This Month

Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface ACLs, which allows remote authenticated users to bypass intended network-traffic restrictions in. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apple Cisco Authentication Bypass iOS
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy