Skip to main content
CVE-2015-8562 HIGH POC THREAT Act Now

Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 92.9%.

RCE PHP Joomla
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
92.9%
Threat
5.8
CVE-2015-8000 MEDIUM PATCH This Month

db.c in named in ISC BIND 9.x before 9.9.8-P2 and 9.10.x before 9.10.3-P2 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via a malformed class. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 67.1%.

Denial Of Service Linux Solaris Vm Server Bind
NVD
CVSS 2.0
5.0
EPSS
67.1%
CVE-2015-8358 CRITICAL POC THREAT Emergency

Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 13.6%.

Path Traversal PHP Mpbuilder
NVD Exploit-DB
CVSS 2.0
9.0
EPSS
13.6%
CVE-2015-8370 HIGH POC PATCH This Week

Multiple integer underflows in Grub2 1.98 through 2.02 allow physically proximate attackers to bypass authentication, obtain sensitive information, or cause a denial of service (disk corruption) via. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. Public exploit code available.

Denial Of Service Privilege Escalation Grub2 Fedora
NVD
CVSS 3.1
7.4
EPSS
5.1%
CVE-2015-8566 HIGH POC PATCH This Week

The Session package 1.x before 1.3.1 for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

RCE Session
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.1%
CVE-2015-8357 MEDIUM POC This Month

Directory traversal vulnerability in the bitrix.xscan module before 1.0.4 for Bitrix allows remote authenticated users to rename arbitrary files, and consequently obtain sensitive information or. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Denial Of Service PHP Xscan
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
4.8%
CVE-2015-8578 MEDIUM POC This Month

AVG Internet Security 2015 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass the DEP and ASLR. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Internet Security
NVD
CVSS 2.0
6.4
EPSS
0.2%
CVE-2015-8579 MEDIUM POC This Month

Kaspersky Total Security 2015 15.0.2.361 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses when protecting user-mode processes, which allows attackers to bypass. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Total Security 2015
NVD
CVSS 2.0
6.4
EPSS
0.2%
CVE-2015-7202 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Firefox +3
NVD
CVSS 2.0
10.0
EPSS
1.9%
CVE-2015-7203 CRITICAL Act Now

Buffer overflow in the DirectWriteFontInfo::LoadFontFamilyData function in gfx/thebes/gfxDWriteFontList.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow Firefox Fedora +2
NVD
CVSS 2.0
10.0
EPSS
1.7%
CVE-2015-7201 CRITICAL Act Now

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to cause a denial of service (memory corruption and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow RCE Fedora +3
NVD
CVSS 2.0
10.0
EPSS
1.6%
CVE-2015-7221 CRITICAL PATCH Act Now

Buffer overflow in the nsDeque::GrowCapacity function in xpcom/glue/nsDeque.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Mozilla Buffer Overflow Firefox Fedora +2
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2015-7220 CRITICAL Act Now

Buffer overflow in the XDRBuffer::grow function in js/src/vm/Xdr.cpp in Mozilla Firefox before 43.0 might allow remote attackers to cause a denial of service or possibly have unspecified other impact. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow Leap Opensuse +2
NVD
CVSS 2.0
10.0
EPSS
1.5%
CVE-2015-7205 CRITICAL Act Now

Integer underflow in the RTPReceiverVideo::ParseRtpPacket function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 might allow remote attackers to obtain sensitive information, cause. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Denial Of Service Fedora Firefox Leap +1
NVD
CVSS 2.0
10.0
EPSS
0.9%
CVE-2015-8461 HIGH Act Now

Race condition in resolver.c in named in ISC BIND 9.9.8 before 9.9.8-P2 and 9.10.3 before 9.10.3-P2 allows remote attackers to cause a denial of service (INSIST assertion failure and daemon exit) via. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 14.7% and no vendor patch available.

Race Condition Denial Of Service Bind
NVD
CVSS 2.0
7.1
EPSS
14.7%
CVE-2015-7214 MEDIUM This Month

Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.5% and no vendor patch available.

Mozilla Information Disclosure Leap Opensuse Firefox +1
NVD
CVSS 2.0
5.0
EPSS
15.5%
CVE-2015-7212 HIGH This Week

Integer overflow in the mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla RCE Fedora Leap Opensuse +1
NVD
CVSS 2.0
7.5
EPSS
2.3%
CVE-2015-7210 HIGH This Week

Use-after-free vulnerability in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code by triggering attempted use of a data channel that has. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla RCE Firefox Leap Opensuse +1
NVD
CVSS 2.0
7.5
EPSS
1.8%
CVE-2015-8565 HIGH This Week

Directory traversal vulnerability in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Joomla
NVD
CVSS 2.0
7.5
EPSS
0.1%
CVE-2015-8564 HIGH This Week

Directory traversal vulnerability in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Joomla
NVD
CVSS 2.0
7.5
EPSS
0.1%
CVE-2015-7222 MEDIUM This Month

Integer underflow in the Metadata::setData function in MetaData.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allows remote attackers to execute arbitrary code. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Mozilla RCE Buffer Overflow Firefox +3
NVD
CVSS 2.0
6.8
EPSS
3.4%
CVE-2015-7213 MEDIUM This Month

Integer overflow in the MPEG4Extractor::readMetaData function in MPEG4Extractor.cpp in libstagefright in Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 on 64-bit platforms allows remote. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla RCE Buffer Overflow Leap Opensuse +2
NVD
CVSS 2.0
6.8
EPSS
2.4%
CVE-2015-7204 MEDIUM This Month

Mozilla Firefox before 43.0 does not properly store the properties of unboxed objects, which allows remote attackers to execute arbitrary code via crafted JavaScript variable assignments. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla RCE Leap Opensuse Fedora +1
NVD
CVSS 2.0
6.8
EPSS
1.7%
CVE-2015-7216 MEDIUM This Month

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the JasPer decoder, which allows remote attackers to cause a denial of service or possibly. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Mozilla Denial Of Service Fedora Firefox Leap +1
NVD
CVSS 2.0
6.8
EPSS
0.9%
CVE-2015-8580 MEDIUM This Month

Multiple use-after-free vulnerabilities in the (1) Print method and (2) App object handling in Foxit Reader before 7.2.2 and Foxit PhantomPDF before 7.2.2 allow remote attackers to execute arbitrary. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Foxit Reader Phantompdf
NVD
CVSS 2.0
6.8
EPSS
0.7%
CVE-2015-8563 MEDIUM This Month

Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla!. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF Joomla
NVD
CVSS 2.0
6.8
EPSS
0.0%
CVE-2015-7219 MEDIUM This Month

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a malformed PushPromise. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Denial Of Service Leap Opensuse Firefox +1
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2015-7218 MEDIUM This Month

The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service (integer underflow, assertion failure, and application exit) via a single-byte header. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Denial Of Service Leap Opensuse Fedora +1
NVD
CVSS 2.0
5.0
EPSS
1.3%
CVE-2015-8476 MEDIUM PATCH This Month

Multiple CRLF injection vulnerabilities in PHPMailer before 5.2.14 allow attackers to inject arbitrary SMTP commands via CRLF sequences in an (1) email address to the validateAddress function in. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

PHP Code Injection Debian Linux Phpmailer
NVD GitHub
CVSS 2.0
5.0
EPSS
0.9%
CVE-2015-7211 MEDIUM This Month

Mozilla Firefox before 43.0 mishandles the # (number sign) character in a data: URI, which allows remote attackers to spoof web sites via unspecified vectors. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Fedora Leap +1
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-7208 MEDIUM This Month

Mozilla Firefox before 43.0 stores cookies containing vertical tab characters, which allows remote attackers to obtain sensitive information by reading HTTP Cookie headers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Fedora Leap +1
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-6425 MEDIUM This Month

The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.98000.88) allows remote attackers to cause a denial of service (subsystem outage) via invalid session. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Unified Communications Manager
NVD
CVSS 2.0
5.0
EPSS
0.5%
CVE-2015-7215 MEDIUM This Month

The importScripts function in the Web Workers API implementation in Mozilla Firefox before 43.0 allows remote attackers to bypass the Same Origin Policy by triggering use of the no-cors mode in the. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Fedora Leap Opensuse +1
NVD GitHub
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-7207 MEDIUM This Month

Mozilla Firefox before 43.0 does not properly restrict the availability of IFRAME Resource Timing API times, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Mozilla Information Disclosure Firefox Leap Opensuse +1
NVD GitHub
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-7217 MEDIUM This Month

The gdk-pixbuf configuration in Mozilla Firefox before 43.0 on Linux GNOME platforms incorrectly enables the TGA decoder, which allows remote attackers to cause a denial of service (heap-based buffer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Mozilla Buffer Overflow Firefox Leap +2
NVD
CVSS 2.0
4.3
EPSS
1.3%
CVE-2015-7223 MEDIUM This Month

The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive information or conduct cross-site scripting (XSS) attacks, via a crafted. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. No vendor patch available.

XSS Mozilla Privilege Escalation Fedora Firefox +2
NVD
CVSS 2.0
4.0
EPSS
0.7%
CVE-2015-5304 LOW Monitor

Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access to shut down the server, which allows remote authenticated users with the Monitor, Deployer, or. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. No vendor patch available.

Red Hat Privilege Escalation Denial Of Service Jboss Enterprise Application Platform
NVD
CVSS 2.0
3.5
EPSS
1.3%
CVE-2015-8577 LOW Monitor

The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit. Rated low severity (CVSS 2.6). No vendor patch available.

Privilege Escalation Buffer Overflow Virusscan Enterprise
NVD
CVSS 2.0
2.6
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy