Skip to main content
CVE-2015-7706 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Secure Data Space SDS-API before 3.5.7 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Secure Data Space
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2015-7024 MEDIUM This Month

Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass intended Gatekeeper restrictions and gain privileges via a Trojan horse program that is loaded from an. Rated medium severity (CVSS 6.7). No vendor patch available.

Apple Authentication Bypass Mac Os X
NVD
CVSS 3.0
6.7
EPSS
0.0%
CVE-2015-8335 MEDIUM This Month

Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows remote authenticated users to obtain sensitive information by triggering log generation and then reading. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Huawei Vcn500
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2015-7399 MEDIUM This Month

IBM WebSphere Message Broker 7 before 7.0.0.8 and 8 before 8.0.0.6 and IBM Integration Bus 9 before 9.0.0.3 and 10 before 10.0.0.0 allow remote attackers to obtain sensitive information about the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Integration Bus Websphere Message Broker
NVD
CVSS 3.0
5.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy