Skip to main content
CVE-2015-6402 MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allows remote attackers to inject arbitrary web script or HTML via an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 34.3%.

XSS Cisco Epc3928 Docsis 3 0 8X4 Wireless Residential Gateway With Embedded Digital Voice Adapter
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
34.3%
CVE-2015-6401 HIGH POC This Week

Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intended authentication requirement and execute unspecified administrative functions via a crafted HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Cisco Authentication Bypass Epc3928 Docsis 3 0 8X4 Wireless Residential Gateway With Embedded Digital Voice Adapter
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
7.9%
CVE-2015-6788 CRITICAL Act Now

The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
10.0
EPSS
3.2%
CVE-2015-6791 CRITICAL Act Now

Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2015-8548 CRITICAL Act Now

Multiple unspecified vulnerabilities in Google V8 before 4.7.80.23, as used in Google Chrome before 47.0.2526.80, allow attackers to cause a denial of service or possibly have other impact via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google V8 Chrome
NVD
CVSS 2.0
10.0
EPSS
0.8%
CVE-2015-6789 CRITICAL Act Now

Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0.2526.80, allows remote attackers to cause a denial of service (use-after-free) or possibly have. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Google Denial Of Service Chrome
NVD
CVSS 2.0
9.3
EPSS
1.6%
CVE-2015-6378 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCuv05943. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Cisco Dpq3925 8X4 Docsis 3 0 Wireless Residential Gateway With Embedded Digital Voice Adapter
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-6790 MEDIUM This Month

The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp in the page serializer in Google Chrome before 47.0.2526.80 does not properly use HTML entities,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Apple Google Code Injection Chrome
NVD
CVSS 2.0
4.3
EPSS
0.9%
CVE-2015-6416 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web Interaction Manager 11.0(1) allows remote attackers to inject arbitrary web script or HTML a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Cisco Unified Web And E Mail Interaction Manager
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-6422 MEDIUM This Month

The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows remote authenticated users to cause a denial of service (subapplication outage) via malformed. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Communications Domain Manager
NVD
CVSS 2.0
4.0
EPSS
0.5%
CVE-2015-6410 MEDIUM This Month

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager mishandles edge-device identity validation, which allows remote attackers to bypass intended. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Telepresence Video Communication Server Software
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy