Skip to main content
CVE-2015-7897 HIGH POC This Week

The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Google Buffer Overflow Samsung Galaxy S6
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
4.5%
CVE-2015-7815 HIGH POC This Week

Directory traversal vulnerability in core/ViewDataTable/Factory.php in Piwik before 2.15.0 allows remote attackers to include and execute arbitrary local files via the viewDataTable parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Matomo
NVD
CVSS 2.0
7.5
EPSS
1.4%
CVE-2015-7816 HIGH POC This Week

The DisplayTopKeywords function in plugins/Referrers/Controller.php in Piwik before 2.15.0 allows remote attackers to conduct PHP object injection attacks, conduct Server-Side Request Forgery (SSRF). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SSRF Matomo
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2015-7712 MEDIUM POC This Month

Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and earlier allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Atutor
NVD
CVSS 2.0
6.5
EPSS
0.6%
CVE-2015-8104 CRITICAL PATCH Act Now

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Linux Xen Solaris Vm Virtualbox +3
NVD GitHub
CVSS 3.1
10.0
EPSS
0.3%
CVE-2015-7312 MEDIUM POC This Month

Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service. Rated medium severity (CVSS 4.4). Public exploit code available and no vendor patch available.

Denial Of Service Race Condition Linux Linux Kernel Ubuntu Linux +1
NVD
CVSS 2.0
4.4
EPSS
0.0%
CVE-2015-2925 MEDIUM This Month

The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container. Rated medium severity (CVSS 6.9). No vendor patch available.

Linux Authentication Bypass Linux Kernel Debian Linux Ubuntu Linux
NVD GitHub
CVSS 2.0
6.9
EPSS
0.7%
CVE-2014-9752 MEDIUM This Month

Unrestricted file upload vulnerability in mods/_core/properties/lib/course.inc.php in ATutor before 2.2 patch 6 allows remote authenticated users to execute arbitrary PHP code by uploading a file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Atutor
NVD
CVSS 2.0
6.5
EPSS
0.7%
CVE-2015-8215 MEDIUM PATCH This Month

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
5.0
EPSS
6.2%
CVE-2015-5307 MEDIUM PATCH This Month

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Xen Vm Virtualbox +2
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2015-5257 MEDIUM PATCH This Month

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Denial Of Service Linux Apache Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2015-2924 LOW Monitor

The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol implementation in the IPv6 stack in NetworkManager 1.x allows remote attackers to reconfigure a hop-limit. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Networkmanager
NVD
CVSS 2.0
3.3
EPSS
0.6%
CVE-2015-7872 LOW PATCH Monitor

The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
2.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy