Skip to main content
CVE-2015-8612 HIGH POC THREAT Act Now

The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.1%.

Privilege Escalation Blueman
NVD GitHub Exploit-DB
CVSS 3.0
8.4
EPSS
23.1%
CVE-2015-4694 HIGH POC PATCH THREAT Act Now

Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 32.5%.

Path Traversal WordPress PHP Zip Attachments
NVD
CVSS 3.0
8.6
EPSS
32.5%
Threat
4.2
CVE-2015-5259 HIGH Act Now

Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 34.3% and no vendor patch available.

RCE Buffer Overflow Apache Subversion
NVD
CVSS 3.0
8.6
EPSS
34.3%
CVE-2014-8886 HIGH POC This Week

AVM FRITZ!OS before 6.30 extracts the contents of firmware updates before verifying their cryptographic signature, which allows remote attackers to create symlinks or overwrite critical files, and. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

RCE Fritz Os
NVD
CVSS 3.0
8.1
EPSS
4.5%
CVE-2016-1499 HIGH POC This Week

ownCloud Server before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2 allow remote authenticated users to obtain sensitive information from a directory listing and possibly cause a denial of. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service PHP Information Disclosure Owncloud Owncloud Server
NVD
CVSS 3.0
8.5
EPSS
0.5%
CVE-2015-6856 HIGH POC This Week

Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Dell Pre Boot Authentication Driver
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2015-8597 HIGH POC This Week

Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Open Redirect Proxysg Advanced Secure Gateway
NVD
CVSS 3.0
7.4
EPSS
0.3%
CVE-2015-8765 HIGH This Week

Intel McAfee ePolicy Orchestrator (ePO) 4.6.9 and earlier, 5.0.x, 5.1.x before 5.1.3 Hotfix 1106041, and 5.3.x before 5.3.1 Hotfix 1106041 allow remote attackers to execute arbitrary code via a. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Intel RCE Java Apache Epolicy Orchestrator
NVD
CVSS 3.0
8.3
EPSS
2.3%
CVE-2015-6862 HIGH PATCH This Week

HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Ucmdb Browser
NVD
CVSS 3.0
8.4
EPSS
0.5%
CVE-2015-7754 HIGH This Week

Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Juniper RCE Denial Of Service Screenos
NVD
CVSS 3.0
8.1
EPSS
1.2%
CVE-2016-1131 HIGH This Week

Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Dx Library
NVD
CVSS 3.0
7.8
EPSS
1.4%
CVE-2015-8547 HIGH PATCH This Week

The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Quassel Leap Opensuse
NVD GitHub
CVSS 3.0
7.5
EPSS
2.4%
CVE-2015-7362 HIGH This Week

Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Fortinet Forticlient
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2015-8754 HIGH PATCH This Week

The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Privilege Escalation Mollom
NVD
CVSS 3.0
7.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy