Skip to main content
CVE-2015-7981 MEDIUM POC PATCH This Month

The png_convert_to_rfc1123 function in png.c in libpng 1.0.x before 1.0.64, 1.2.x before 1.2.54, and 1.4.x before 1.4.17 allows remote attackers to obtain sensitive process memory information via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Ubuntu Linux Debian Linux Enterprise Linux Desktop +7
NVD
CVSS 2.0
5.0
EPSS
2.0%
CVE-2015-7869 MEDIUM This Month

Multiple integer overflows in the kernel mode driver for the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows and R304 before 304.131, R340 before. Rated medium severity (CVSS 6.6). No vendor patch available.

Denial Of Service Nvidia Microsoft Ubuntu Linux Gpu Driver
NVD
CVSS 2.0
6.6
EPSS
0.1%
CVE-2015-8328 MEDIUM This Month

Unspecified vulnerability in the NVAPI support layer in the NVIDIA GPU graphics driver R340 before 341.92, R352 before 354.35, and R358 before 358.87 on Windows allows local users to obtain sensitive. Rated medium severity (CVSS 6.6). No vendor patch available.

Denial Of Service Nvidia Buffer Overflow Microsoft Gpu Driver
NVD
CVSS 2.0
6.6
EPSS
0.0%
CVE-2015-6380 MEDIUM This Month

An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authenticated users to execute arbitrary OS commands via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cisco Firepower Extensible Operating System
NVD
CVSS 2.0
6.5
EPSS
0.4%
CVE-2015-8329 MEDIUM This Month

SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SAP Manufacturing Integration And Intelligence
NVD
CVSS 2.0
5.0
EPSS
0.2%
CVE-2015-0856 MEDIUM PATCH This Month

daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity.

Privilege Escalation Fedora Sddm
NVD GitHub
CVSS 2.0
4.6
EPSS
0.2%
CVE-2015-8228 MEDIUM PATCH This Month

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200, 2200, 3200, and 3600 routers with software before V200R006SPH003 allows remote authenticated users to. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Huawei Ar Firmware
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-8229 MEDIUM PATCH This Month

Huawei eSpace U2980 unified gateway with software before V100R001C10 and U2990 with software before V200R001C10 allow remote authenticated users to cause a denial of service via crafted signaling. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Huawei Espace Firmware
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy