Skip to main content
CVE-2015-7808 HIGH POC THREAT Act Now

The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 77.4%.

RCE PHP Vbulletin
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
77.4%
Threat
5.3
CVE-2015-7865 HIGH POC This Week

nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows does not properly restrict access to. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Nvidia Authentication Bypass Gpu Driver
NVD Exploit-DB
CVSS 2.0
7.7
EPSS
1.4%
CVE-2015-7985 HIGH POC This Week

Valve Steam 2.10.91.91 uses weak permissions (Users: read and write) for the Install folder, which allows local users to gain privileges via a Trojan horse steam.exe file. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Steam Client
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-8227 HIGH This Week

The built-in web server in Huawei VP9660 multi-point control unit with software before V200R001C30SPC700 allows remote administrators to obtain sensitive information or cause a denial of service via. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Huawei Vp 9660 Firmware
NVD
CVSS 2.0
8.5
EPSS
0.2%
CVE-2015-6377 HIGH This Week

Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of service (CPU and memory consumption, and TCP port outage) via a flood of crafted TCP packets, aka. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Virtual Topology System
NVD
CVSS 2.0
7.8
EPSS
3.6%
CVE-2015-8330 HIGH This Week

The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service SAP Buffer Overflow Plant Connectivity
NVD
CVSS 2.0
7.8
EPSS
3.4%
CVE-2015-7496 HIGH PATCH This Week

GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Fedora Gnome Display Manager
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-7866 HIGH This Week

Unquoted Windows search path vulnerability in the Smart Maximize Helper (nvSmartMaxApp.exe) in the Control Panel in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Information Disclosure Microsoft Gpu Driver
NVD
CVSS 2.0
7.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy