Skip to main content
CVE-2015-0860 HIGH This Week

Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Debian RCE Buffer Overflow Ubuntu Linux Dpkg
NVD
CVSS 2.0
7.5
EPSS
4.9%
CVE-2015-8077 HIGH This Week

Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Imap Leap Opensuse
NVD
CVSS 2.0
7.5
EPSS
3.4%
CVE-2015-0859 HIGH This Week

The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie before 2.6.9-1+deb8u1 does not properly configure the way Apache httpd passes arguments to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Debian RCE Apache Debian Linux
NVD
CVSS 2.0
7.5
EPSS
2.8%
CVE-2015-8076 HIGH This Week

The index_urlfetch function in index.c in Cyrus IMAP 2.3.x before 2.3.19, 2.4.x before 2.4.18, 2.5.x before 2.5.4 allows remote attackers to obtain sensitive information or possibly have unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Leap Opensuse Imap
NVD
CVSS 2.0
7.5
EPSS
2.6%
CVE-2015-8078 HIGH This Week

Integer overflow in the index_urlfetch function in imap/index.c in Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 allows remote attackers to have unspecified impact via vectors related to urlfetch range checks. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Leap Opensuse Imap
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-6383 HIGH This Week

Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Apple Privilege Escalation Cisco Ios Xe
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2015-6390 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1.10) allows remote attackers to inject arbitrary web script or HTML via a crafted value in a URL,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Unity Connection
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-5245 MEDIUM This Month

CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Code Injection Ceph
NVD
CVSS 2.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy