Skip to main content
CVE-2016-0742 HIGH PATCH Act Now

The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 78.8%.

Nginx Denial Of Service Null Pointer Dereference Ubuntu Linux Debian Linux +3
NVD
CVSS 3.1
7.5
EPSS
78.8%
CVE-2015-5050 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS CSRF Emptoris Contract Management
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2015-5042 HIGH This Week

IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1.5 iFix5, 10.0.2.x before 10.0.2.7 iFix4, and 10.0.4.x before 10.0.4.0 iFix3 allows remote attackers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM RCE Emptoris Contract Management
NVD
CVSS 3.0
7.5
EPSS
0.6%
CVE-2015-5012 HIGH PATCH This Week

The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Access Manager 9 0 Firmware Security Access Manager For Web 7 0 Firmware Security Access Manager For Web 8 0 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-5010 HIGH PATCH This Week

IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

IBM Information Disclosure Security Access Manager 9 0 Firmware Security Access Manager For Web 7 0 Firmware Security Access Manager For Web 8 0 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2015-4956 HIGH This Week

The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated users to execute unspecified OS commands via unknown vectors. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Command Injection Qradar Security Information And Event Manager
NVD
CVSS 3.0
7.4
EPSS
0.4%
CVE-2015-7472 HIGH This Week

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF29, 8.0.0 before 8.0.0.1 CF20, and 8.5.0 before CF10 allows remote attackers to conduct LDAP. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Code Injection Websphere Portal
NVD
CVSS 3.0
7.2
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy