Skip to main content
CVE-2015-3276 HIGH PATCH This Week

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure OpenSSL Openldap Linux Enterprise Linux Desktop +6
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2015-8125 HIGH PATCH This Week

Symfony 2.3.x before 2.3.35, 2.6.x before 2.6.12, and 2.7.x before 2.7.7 might allow remote attackers to have unspecified impact via a timing attack involving the (1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

CSRF Symfony
NVD
CVSS 2.0
7.5
EPSS
1.0%
CVE-2015-1344 HIGH This Week

The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions, which allows local users to gain privileges by writing a pid to the tasks file. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Ubuntu Linux Lxcfs
NVD GitHub
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-8084 HIGH This Week

Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before V300R001C10SPC600, when "DHCP Snooping" is enabled and either "option82 insert" or "option82 rebuild" is. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Huawei Unified Security Gateway Firmware
NVD
CVSS 2.0
7.1
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy