Skip to main content
CVE-2015-7938 CRITICAL Act Now

Advantech EKI-132x devices with firmware before 2015-12-31 allow remote attackers to bypass authentication via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Eki 1321 Series Firmware Eki 1322 Series Firmware
NVD
CVSS 3.0
9.8
EPSS
1.4%
CVE-2015-7939 CRITICAL Act Now

Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Visilogic Oplc Ide
NVD
CVSS 3.0
9.6
EPSS
1.2%
CVE-2015-7091 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
4.6%
CVE-2015-7092 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted TXXX frame within an ID3. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.9%
CVE-2015-7117 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2015-7090 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2015-7089 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2015-7088 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2015-7087 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2015-7086 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2015-7085 MEDIUM This Month

Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted movie file, a different. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Buffer Overflow RCE Quicktime
NVD
CVSS 3.0
6.6
EPSS
0.6%
CVE-2015-6933 MEDIUM PATCH This Month

The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

VMware Authentication Bypass Denial Of Service Buffer Overflow Microsoft +4
NVD
CVSS 3.0
6.3
EPSS
1.8%
CVE-2015-8511 MEDIUM This Month

Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically proximate attackers to bypass an intended passcode requirement via unspecified vectors. Rated medium severity (CVSS 6.4), this vulnerability is no authentication required. No vendor patch available.

Race Condition Mozilla Authentication Bypass Firefox Os
NVD
CVSS 3.0
6.4
EPSS
0.0%
CVE-2015-7575 MEDIUM This Month

Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Mozilla Information Disclosure Microsoft Network Security Services Leap +3
NVD
CVSS 3.0
5.9
EPSS
1.5%
CVE-2015-8510 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in the internationalization feature in the default homescreen app in Mozilla Firefox OS before 2.5 allows user-assisted remote attackers to inject arbitrary. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mozilla Firefox Os
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-8512 MEDIUM This Month

The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Mozilla Authentication Bypass Firefox Os
NVD
CVSS 3.0
4.6
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy