Skip to main content
CVE-2015-5994 MEDIUM This Month

The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has a default password of admin for the admin account and a default password of password for the. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Medialink Mwn Wapr300N Firmware
NVD
CVSS 3.0
6.8
EPSS
0.3%
CVE-2015-2918 MEDIUM PATCH This Month

The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Orientdb
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2015-6017 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0) allow remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Zyxel P 660Hw T1 V2 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2015-2913 MEDIUM PATCH This Month

server/network/protocol/http/OHttpSessionManager.java in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 improperly relies on the java.util.Random class. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Java Orientdb
NVD GitHub
CVSS 3.0
5.9
EPSS
0.4%
CVE-2015-7282 MEDIUM This Month

ReadyNet WRT300N-DD devices with firmware 1.0.26 use the same source port number for every DNS query, which makes it easier for remote attackers to spoof responses by selecting that number for the. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wrt300N Dd Firmware Wrt300N Dd
NVD
CVSS 3.0
5.8
EPSS
0.5%
CVE-2015-2894 MEDIUM This Month

Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service (application crash) via format string. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Uptime Infrastructure Monitor
NVD
CVSS 3.0
5.3
EPSS
0.7%
CVE-2015-7279 MEDIUM This Month

Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure R10000 Firmware
NVD
CVSS 3.0
5.3
EPSS
0.7%
CVE-2015-7447 MEDIUM This Month

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF09 allows remote attackers to bypass intended. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Websphere Portal
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2015-2896 MEDIUM This Month

The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Uptime Infrastructure Monitor
NVD
CVSS 3.0
5.3
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy