Skip to main content
CVE-2015-7808 HIGH POC THREAT Act Now

The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.4%.

RCE PHP Vbulletin
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
77.4%
Threat
5.3
CVE-2015-7865 HIGH POC This Week

nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Nvidia Authentication Bypass Gpu Driver
NVD Exploit-DB
CVSS 2.0
7.7
EPSS
1.4%
CVE-2015-7985 HIGH POC This Week

Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Steam Client
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-5053 CRITICAL Act Now

The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 before 352.41 for Linux and R352 before 352.46 for GRID vGPU and vSGA does not properly restrict. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Nvidia Linux Authentication Bypass Gpu Driver
NVD
CVSS 2.0
10.0
EPSS
0.5%
CVE-2015-7981 MEDIUM POC PATCH This Month

The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Ubuntu Linux Debian Linux Enterprise Linux Desktop +7
NVD
CVSS 2.0
5.0
EPSS
2.0%
CVE-2015-8227 HIGH This Week

The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Huawei Vp 9660 Firmware
NVD
CVSS 2.0
8.5
EPSS
0.2%
CVE-2015-6377 HIGH This Week

Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Virtual Topology System
NVD
CVSS 2.0
7.8
EPSS
3.6%
CVE-2015-8330 HIGH This Week

The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service SAP Buffer Overflow Plant Connectivity
NVD
CVSS 2.0
7.8
EPSS
3.4%
CVE-2015-7496 HIGH PATCH This Week

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Fedora Gnome Display Manager
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-7866 HIGH This Week

Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Information Disclosure Microsoft Gpu Driver
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-7869 MEDIUM This Month

Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before. Rated medium severity (CVSS 6.6). No vendor patch available.

Denial Of Service Nvidia Microsoft Ubuntu Linux Gpu Driver
NVD
CVSS 2.0
6.6
EPSS
0.1%
CVE-2015-8328 MEDIUM This Month

Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive. Rated medium severity (CVSS 6.6). No vendor patch available.

Denial Of Service Nvidia Buffer Overflow Microsoft Gpu Driver
NVD
CVSS 2.0
6.6
EPSS
0.0%
CVE-2015-6380 MEDIUM This Month

An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cisco Firepower Extensible Operating System
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2015-8329 MEDIUM This Month

SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Manufacturing Integration And Intelligence
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0856 MEDIUM PATCH This Month

daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Privilege Escalation Fedora Sddm
NVD GitHub
CVSS 2.0
4.6
EPSS
0.2%
CVE-2015-8228 MEDIUM PATCH This Month

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Huawei Ar Firmware
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-8229 MEDIUM PATCH This Month

Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Huawei Espace Firmware
NVD
CVSS 2.0
4.0
EPSS
0.2%
CVE-2015-5281 LOW Monitor

The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, allows local users to bypass intended Secure Boot restrictions and execute non-verified code via a. Rated low severity (CVSS 2.6). No vendor patch available.

Red Hat Privilege Escalation Enterprise Linux
NVD
CVSS 2.0
2.6
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy