Skip to main content
CVE-2015-7712 MEDIUM POC This Month

Multiple eval injection vulnerabilities in mods/_standard/gradebook/edit_marks.php in ATutor 2.2 and earlier allow remote authenticated users with the AT_PRIV_GRADEBOOK privilege to execute arbitrary. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Atutor
NVD
CVSS 2.0
6.5
EPSS
0.6%
CVE-2015-7312 MEDIUM POC This Month

Multiple race conditions in the Advanced Union Filesystem (aufs) aufs3-mmap.patch and aufs4-mmap.patch patches for the Linux kernel 3.x and 4.x allow local users to cause a denial of service. Rated medium severity (CVSS 4.4). Public exploit code available and no vendor patch available.

Denial Of Service Race Condition Linux Linux Kernel Ubuntu Linux +1
NVD
CVSS 2.0
4.4
EPSS
0.0%
CVE-2015-2925 MEDIUM This Month

The prepend_path function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users to bypass an intended container. Rated medium severity (CVSS 6.9). No vendor patch available.

Linux Authentication Bypass Linux Kernel Debian Linux Ubuntu Linux
NVD GitHub
CVSS 2.0
6.9
EPSS
0.7%
CVE-2014-9752 MEDIUM This Month

Unrestricted file upload vulnerability in mods/_core/properties/lib/course.inc.php in ATutor before 2.2 patch 6 allows remote authenticated users to execute arbitrary PHP code by uploading a file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP File Upload Atutor
NVD
CVSS 2.0
6.5
EPSS
0.7%
CVE-2015-8215 MEDIUM PATCH This Month

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 2.0
5.0
EPSS
6.2%
CVE-2015-5307 MEDIUM PATCH This Month

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Xen Vm Virtualbox +2
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%
CVE-2015-5257 MEDIUM PATCH This Month

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Denial Of Service Linux Apache Linux Kernel
NVD GitHub
CVSS 2.0
4.9
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy