CVE-2015-0xxx

There are 948 CVE in this subgroup.
Last updated: 
← Back to 2015
ID Summary Flags Max Score
CVE-2015-0001 The Windows Error Reporting (WER) component in Microsoft Windows 8, Windows 8.1, Windows Server 2012...
CVE-2015-0002 The AhcVerifyAdminContext function in ahcache.sys in the Application Compatibility component in Micr...
E
CVE-2015-0003 win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windo...
S
CVE-2015-0004 The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Wind...
E
CVE-2015-0005 The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and W...
E
CVE-2015-0006 The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2...
CVE-2015-0007 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0008 The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 ...
S
CVE-2015-0009 The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, ...
S
CVE-2015-0010 The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kern...
E S
CVE-2015-0011 mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, ...
CVE-2015-0012 Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly vali...
S
CVE-2015-0013 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0014 Buffer overflow in the Telnet service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windo...
CVE-2015-0015 Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow rem...
CVE-2015-0016 Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows V...
KEV E S
CVE-2015-0017 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0018 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-0019 Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a de...
CVE-2015-0020 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0021 Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0022 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0023 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-0024 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0025 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-0026 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0027 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-0028 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2015-0029 Microsoft Internet Explorer 6 and 8 allows remote attackers to execute arbitrary code or cause a den...
CVE-2015-0030 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0031 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0032 vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 8 through 11 and ...
CVE-2015-0033 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0034 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0035 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-0036 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0037 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-0038 Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0039 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-0040 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
E
CVE-2015-0041 Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0042 Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0043 Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0044 Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den...
CVE-2015-0045 Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a...
CVE-2015-0046 Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-0047 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0048 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2015-0049 Microsoft Internet Explorer 8 and 10 allows remote attackers to execute arbitrary code or cause a de...
CVE-2015-0050 Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den...
E
CVE-2015-0051 Microsoft Internet Explorer 8 allows remote attackers to bypass the ASLR protection mechanism via a ...
CVE-2015-0052 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-0053 Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a...
CVE-2015-0054 Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted we...
CVE-2015-0055 Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web s...
CVE-2015-0056 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-0057 win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windo...
E S
CVE-2015-0058 Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows...
S
CVE-2015-0059 win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Window...
S
CVE-2015-0060 The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windo...
S
CVE-2015-0061 Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 ...
S
CVE-2015-0062 Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gol...
S
CVE-2015-0063 Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel 2010 SP2; Excel 2013 Gold, SP...
S
CVE-2015-0064 Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Serv...
E
CVE-2015-0065 Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of servi...
E
CVE-2015-0066 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-0067 Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a...
CVE-2015-0068 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-0069 Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanis...
CVE-2015-0070 Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1...
CVE-2015-0071 Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mecha...
KEV S
CVE-2015-0072 Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 9 through 11 allows remote a...
E
CVE-2015-0073 The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Se...
S
CVE-2015-0074 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0075 The kernel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 S...
CVE-2015-0076 The photo-decoder implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,...
S
CVE-2015-0077 The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008...
S
CVE-2015-0078 win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold ...
S
CVE-2015-0079 The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1,...
S
CVE-2015-0080 Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 ...
S
CVE-2015-0081 Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server ...
S
CVE-2015-0082 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0083 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0084 The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, W...
S
CVE-2015-0085 Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word...
CVE-2015-0086 Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold a...
CVE-2015-0087 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0088 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0089 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0090 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0091 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0092 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0093 Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 a...
S
CVE-2015-0094 The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008...
S
CVE-2015-0095 The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008...
S
CVE-2015-0096 Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows...
S
CVE-2015-0097 Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, a...
E
CVE-2015-0098 Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain ...
CVE-2015-0099 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-0100 Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2015-0101 Cross-site scripting (XSS) vulnerability in IBM Business Process Manager Standard 7.5.x before 7.5, ...
M
CVE-2015-0102 IBM Workflow for Bluemix does not set the secure flag for the session cookie in an https session, wh...
CVE-2015-0103 Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process Ma...
S
CVE-2015-0104 IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration ...
S
CVE-2015-0105 Cross-site scripting (XSS) vulnerability in the Process Portal in IBM Business Process Manager (BPM)...
S
CVE-2015-0106 Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2...
S
CVE-2015-0107 IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration ...
CVE-2015-0108 Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Max...
CVE-2015-0109 Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.8, and Max...
CVE-2015-0110 IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition (aka W...
CVE-2015-0112 Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1, ...
S
CVE-2015-0113 The Jazz help system in IBM Rational Collaborative Lifecycle Management 4.0 through 5.0.2, Rational ...
S
CVE-2015-0114 Stack-based buffer overflow in IBM V5R4, and IBM i Access for Windows 6.1 and 7.1....
S
CVE-2015-0115 Cross-site request forgery (CSRF) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 ...
S
CVE-2015-0116 IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 thr...
S
CVE-2015-0117 The LDAP Server in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 allows remote ...
S
CVE-2015-0118 IBM WebSphere Message Broker Toolkit 7 before 7007 IF2 and 8 before 8005 IF1 and Integration Toolkit...
CVE-2015-0119 FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before 6.1.11.1 allows remote attackers ...
S
CVE-2015-0120 Buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.1...
S
CVE-2015-0121 IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS Next...
CVE-2015-0122 Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFi...
S
CVE-2015-0123 Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFi...
S
CVE-2015-0124 Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 ...
S
CVE-2015-0125 Cross-site scripting (XSS) vulnerability in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix...
S
CVE-2015-0126 IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 thr...
CVE-2015-0127 IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 thr...
CVE-2015-0128 Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1.6 ...
S
CVE-2015-0129 Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 4.x before 4.0.7 iFix...
S
CVE-2015-0130 Cross-site scripting (XSS) vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Coll...
S
CVE-2015-0131 Cross-site scripting (XSS) vulnerability in IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before ...
S
CVE-2015-0132 The XML parser in IBM Rational DOORS Next Generation 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 and...
S
CVE-2015-0133 IBM WebSphere Commerce 7.0 Feature Pack 4 through 8 allows remote attackers to read arbitrary files ...
S
CVE-2015-0134 Buffer overflow in the SSLv2 implementation in IBM Domino 8.5.x before 8.5.1 FP5 IF3, 8.5.2 before F...
S
CVE-2015-0135 IBM Domino 8.5 before 8.5.3 FP6 IF4 and 9.0 before 9.0.1 FP3 IF2 allows remote attackers to execute ...
S
CVE-2015-0136 powervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 places an access t...
CVE-2015-0137 IBM PowerVC Standard 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 validates Hardware Management C...
CVE-2015-0138 GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66...
S
CVE-2015-0139 Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5....
S
CVE-2015-0140 An unspecified ActiveX control in IBM SPSS Statistics 22.0 through FP1 on 32-bit platforms allows re...
S
CVE-2015-0141 IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before ...
S
CVE-2015-0142 IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before ...
S
CVE-2015-0143 IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before ...
S
CVE-2015-0144 Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before ...
S
CVE-2015-0145 Cross-site request forgery (CSRF) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 ...
S
CVE-2015-0146 IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3-IBM-I...
S
CVE-2015-0149 The developer portal in IBM API Management 3.0 before 3.0.4.1 does not properly restrict access to t...
S
CVE-2015-0150 The remote administration UI in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote a...
CVE-2015-0151 Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 devices with firmware before 2.07....
CVE-2015-0152 D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive info...
CVE-2015-0153 D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive info...
CVE-2015-0154 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-0155 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-0156 Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2...
S
CVE-2015-0157 IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX, and...
S
CVE-2015-0158 Cross-site scripting (XSS) vulnerability in the Coach NG framework in IBM Business Process Manager (...
S
CVE-2015-0159 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-3570. Reason: This candida...
R
CVE-2015-0160 IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 a...
CVE-2015-0161 SQL injection vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1....
CVE-2015-0162 IBM Security SiteProtector System 3.0, 3.1, and 3.1.1 allows local users to gain privileges....
CVE-2015-0163 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-0164 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-0165 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-0166 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-0167 Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allo...
CVE-2015-0168 Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3....
CVE-2015-0169 IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 a...
CVE-2015-0170 IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1.2 a...
CVE-2015-0171 Directory traversal vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 befor...
CVE-2015-0172 IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote attackers to bypass intended se...
M
CVE-2015-0173 The HTTP connection-management functionality in Internet Pass-Thru (IPT) before 2.1.0.2 in IBM WebSp...
S
CVE-2015-0174 The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not proper...
S
CVE-2015-0175 IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly implemen...
S
CVE-2015-0176 Cross-site scripting (XSS) vulnerability in MQ XR WebSockets Listener in WMQ Telemetry in IBM WebSph...
S
CVE-2015-0177 Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF05 allows remote aut...
S
CVE-2015-0178 The Java overlay feature in IBM Bluemix Liberty before 1.13-20150209-1122 for Java does not properly...
CVE-2015-0179 Notes System Diagnostic (NSD) in IBM Domino 8.5.x before 8.5.3 FP6 IF6 and 9.x before 9.0.1 FP3 IF1 ...
E S
CVE-2015-0180 The Connector Migration Tool in IBM InfoSphere Information Server 8.1 through 11.3 allows remote aut...
S
CVE-2015-0189 The cluster repository manager in IBM WebSphere MQ 7.5 before 7.5.0.5 and 8.0 before 8.0.0.2 allows ...
S
CVE-2015-0191 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0191. Reason: This candida...
R
CVE-2015-0192 Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before ...
CVE-2015-0193 Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2...
CVE-2015-0194 XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling ...
S
CVE-2015-0195 Cross-site scripting (XSS) vulnerability in IBM Content Template Catalog 4.x before 4.1.4 for WebSph...
CVE-2015-0196 CRLF injection vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11 and 7.0 before 7.0.0.8 C...
S
CVE-2015-0197 IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1...
S
CVE-2015-0198 IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 before 3.5.0.24, and 4.1 before 4.1...
S
CVE-2015-0199 The mmfslinux kernel module in IBM General Parallel File System (GPFS) 3.4 before 3.4.0.32, 3.5 befo...
S
CVE-2015-0200 IBM WebSphere Commerce 6.x through 6.0.0.11 and 7.x before 7.0.0.8 IF2 allows local users to obtain ...
S
CVE-2015-0201 The Java SockJS client in Pivotal Spring Framework 4.1.x before 4.1.5 generates predictable session ...
CVE-2015-0202 The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote attackers to cause a denial ...
CVE-2015-0203 The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial...
CVE-2015-0204 The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and ...
CVE-2015-0205 The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1...
CVE-2015-0206 Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1...
CVE-2015-0207 The dtls1_listen function in d1_lib.c in OpenSSL 1.0.2 before 1.0.2a does not properly isolate the s...
S
CVE-2015-0208 The ASN.1 signature-verification implementation in the rsa_item_verify function in crypto/rsa/rsa_am...
S
CVE-2015-0209 Use-after-free vulnerability in the d2i_ECPrivateKey function in crypto/ec/ec_asn1.c in OpenSSL befo...
CVE-2015-0210 wpa_supplicant 2.0-16 does not properly check certificate subject name, which allows remote attacker...
E S
CVE-2015-0211 mod/lti/ajax.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x before 2...
CVE-2015-0212 Cross-site scripting (XSS) vulnerability in course/pending.php in Moodle through 2.5.9, 2.6.x before...
CVE-2015-0213 Multiple cross-site request forgery (CSRF) vulnerabilities in (1) editcategories.html and (2) editca...
CVE-2015-0214 message/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x b...
CVE-2015-0215 calendar/externallib.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2.8.x ...
CVE-2015-0216 access.php in the Lesson module in Moodle 2.8.x before 2.8.2 does not set the RISK_XSS bit for grade...
CVE-2015-0217 filter/mediaplugin/filter.php in Moodle through 2.5.9, 2.6.x before 2.6.7, 2.7.x before 2.7.4, and 2...
CVE-2015-0218 Cross-site request forgery (CSRF) vulnerability in auth/shibboleth/logout.php in Moodle through 2.5....
CVE-2015-0219 Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1.7.3 allows remote attackers to spoof W...
E S
CVE-2015-0220 The django.util.http.is_safe_url function in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x be...
E
CVE-2015-0221 The django.views.static.serve view in Django before 1.4.18, 1.6.x before 1.6.10, and 1.7.x before 1....
E S
CVE-2015-0222 ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when show_hidden_init...
S
CVE-2015-0223 Unspecified vulnerability in Apache Qpid 0.30 and earlier allows remote attackers to bypass access r...
CVE-2015-0224 qpidd in Apache Qpid 0.30 and earlier allows remote attackers to cause a denial of service (daemon c...
S
CVE-2015-0225 The default configuration in Apache Cassandra 1.2.0 through 1.2.19, 2.0.0 through 2.0.13, and 2.1.0 ...
CVE-2015-0226 Apache WSS4J before 1.6.17 and 2.0.x before 2.0.2 improperly leaks information about decryption fail...
CVE-2015-0227 Apache WSS4J before 1.6.17 and 2.x before 2.0.2 allows remote attackers to bypass the requireSignedE...
S
CVE-2015-0228 The lua_websocket_read function in lua_request.c in the mod_lua module in the Apache HTTP Server thr...
CVE-2015-0229 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual...
R
CVE-2015-0230 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-0231 Use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re...
E S
CVE-2015-0232 The exif_process_unicode function in ext/exif/exif.c in PHP before 5.4.37, 5.5.x before 5.5.21, and ...
E S
CVE-2015-0233 Multiple insecure Temporary File vulnerabilities in 389 Administration Server before 1.1.38....
CVE-2015-0234 Multiple temporary file creation vulnerabilities in pki-core 10.2.0....
S
CVE-2015-0235 Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x ve...
E S
CVE-2015-0236 libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_D...
S
CVE-2015-0237 Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapsho...
CVE-2015-0238 selinux-policy as packaged in Red Hat OpenShift 2 allows attackers to obtain process listing informa...
CVE-2015-0239 The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest...
E S
CVE-2015-0240 The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0....
E
CVE-2015-0241 The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x be...
CVE-2015-0242 Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1...
CVE-2015-0243 Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2....
CVE-2015-0244 PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x be...
CVE-2015-0245 D-Bus 1.4.x through 1.6.x before 1.6.30, 1.8.x before 1.8.16, and 1.9.x before 1.9.10 does not valid...
CVE-2015-0246 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-1493. Reason: This candida...
R
CVE-2015-0247 Heap-based buffer overflow in openfs.c in the libext2fs library in e2fsprogs before 1.42.12 allows l...
CVE-2015-0248 The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1....
CVE-2015-0249 The weblog page template in Apache Roller 5.1 through 5.1.1 allows remote authenticated users with a...
M
CVE-2015-0250 XML external entity (XXE) vulnerability in the SVG to (1) PNG and (2) JPG conversion classes in Apac...
E S
CVE-2015-0251 The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote aut...
CVE-2015-0252 internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of ...
E
CVE-2015-0253 The read_request_line function in server/protocol.c in the Apache HTTP Server 2.4.12 does not initia...
CVE-2015-0254 Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct ex...
CVE-2015-0255 X.Org Server (aka xserver and xorg-server) before 1.16.3 and 1.17.x before 1.17.1 allows remote atta...
S
CVE-2015-0256 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2015-0257 Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directori...
CVE-2015-0258 Multiple incomplete blacklist vulnerabilities in the avatar upload functionality in manageuser.php i...
E S
CVE-2015-0259 OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not ...
CVE-2015-0260 RhodeCode before 2.2.7 and Kallithea 0.1 allows remote authenticated users to obtain API keys and ot...
E S
CVE-2015-0261 Integer signedness error in the mobility_opt_print function in the IPv6 mobility printer in tcpdump ...
CVE-2015-0262 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-0263 XML external entity (XXE) vulnerability in the XML converter setup in converter/jaxp/XmlConverter.ja...
CVE-2015-0264 Multiple XML external entity (XXE) vulnerabilities in builder/xml/XPathBuilder.java in Apache Camel ...
CVE-2015-0265 Cross-site scripting (XSS) vulnerability in the Policy Admin Tool in Apache Ranger before 0.5.0 allo...
E
CVE-2015-0266 The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote authenticated users to bypass inte...
E
CVE-2015-0267 The Red Hat module-setup.sh script for kexec-tools, as distributed in the kexec-tools before 2.0.7-1...
CVE-2015-0268 The vgic_v2_to_sgi function in arch/arm/vgic-v2.c in Xen 4.5.x, when running on ARM hardware with ge...
CVE-2015-0269 Directory traversal vulnerability in Contao before 3.2.19, and 3.4.x before 3.4.4 allows remote auth...
CVE-2015-0270 Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\D...
CVE-2015-0271 The log-viewing function in the Red Hat redhat-access-plugin before 6.0.3 for OpenStack Dashboard (h...
CVE-2015-0272 GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) ...
S
CVE-2015-0273 Multiple use-after-free vulnerabilities in ext/date/php_date.c in PHP before 5.4.38, 5.5.x before 5....
E
CVE-2015-0274 The XFS implementation in the Linux kernel before 3.15 improperly uses an old size value during remo...
CVE-2015-0275 The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users ...
S
CVE-2015-0276 Cross-site request forgery (CSRF) vulnerability in Kallithea before 0.2....
CVE-2015-0277 The Service Provider (SP) in PicketLink before 2.7.0 does not ensure that it is a member of an Audie...
CVE-2015-0278 libuv before 0.10.34 does not properly drop group privileges, which allows context-dependent attacke...
S
CVE-2015-0279 JBoss RichFaces before 4.5.4 allows remote attackers to inject expression language (EL) expressions ...
CVE-2015-0280 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2015-0281 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2015-0282 GnuTLS before 3.1.0 does not verify that the RSA PKCS #1 signature algorithm matches the signature a...
CVE-2015-0283 The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user account...
CVE-2015-0284 Cross-site scripting (XSS) vulnerability in spacewalk-java in Spacewalk and Red Hat Satellite 5.7 al...
CVE-2015-0285 The ssl3_client_hello function in s3_clnt.c in OpenSSL 1.0.2 before 1.0.2a does not ensure that the ...
S
CVE-2015-0286 The ASN1_TYPE_cmp function in crypto/asn1/a_type.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1...
CVE-2015-0287 The ASN1_item_ex_d2i function in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0....
CVE-2015-0288 The X509_to_X509_REQ function in crypto/x509/x509_req.c in OpenSSL before 0.9.8zf, 1.0.0 before 1.0....
CVE-2015-0289 The PKCS#7 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1...
CVE-2015-0290 The multi-block feature in the ssl3_write_bytes function in s3_pkt.c in OpenSSL 1.0.2 before 1.0.2a ...
S
CVE-2015-0291 The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cau...
S
CVE-2015-0292 Integer underflow in the EVP_DecodeUpdate function in crypto/evp/encode.c in the base64-decoding imp...
E
CVE-2015-0293 The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1....
CVE-2015-0294 GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certific...
S
CVE-2015-0295 The BMP decoder in QtGui in QT before 5.5 does not properly calculate the masks used to extract the ...
CVE-2015-0296 The pre-install script in texlive 3.1.20140525_r34255.fc21 as packaged in Fedora 21 and rpm, and tex...
CVE-2015-0297 Red Hat JBoss Operations Network 3.3.1 does not properly restrict access to certain APIs, which allo...
CVE-2015-0298 Cross-site scripting (XSS) vulnerability in the manager web interface in mod_cluster before 1.3.2.Al...
CVE-2015-0299 Multiple cross-site scripting (XSS) vulnerabilities in Open Source Point of Sale 2.3.1 allow remote ...
CVE-2015-0300 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2015-0301 Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and...
CVE-2015-0302 Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and...
CVE-2015-0303 Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and...
S
CVE-2015-0304 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0...
S
CVE-2015-0305 Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and...
CVE-2015-0306 Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and...
S
CVE-2015-0307 Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and...
S
CVE-2015-0308 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16...
S
CVE-2015-0309 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0...
S
CVE-2015-0310 Adobe Flash Player before 13.0.0.262 and 14.x through 16.x before 16.0.0.287 on Windows and OS X and...
KEV S
CVE-2015-0311 Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through ...
KEV S
CVE-2015-0312 Double free vulnerability in Adobe Flash Player before 13.0.0.264 and 14.x through 16.x before 16.0....
S
CVE-2015-0313 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16...
KEV E S
CVE-2015-0314 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0315 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16...
S
CVE-2015-0316 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0317 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0318 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0319 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0320 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16...
S
CVE-2015-0321 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0322 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16...
S
CVE-2015-0323 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0...
S
CVE-2015-0324 Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on W...
S
CVE-2015-0325 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0326 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0327 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0...
S
CVE-2015-0328 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0329 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0330 Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and...
S
CVE-2015-0331 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16...
S
CVE-2015-0332 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
S
CVE-2015-0333 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
S
CVE-2015-0334 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
S
CVE-2015-0335 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
S
CVE-2015-0336 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
E S
CVE-2015-0337 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
S
CVE-2015-0338 Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on ...
S
CVE-2015-0339 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
S
CVE-2015-0340 Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and...
S
CVE-2015-0341 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17...
S
CVE-2015-0342 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17...
S
CVE-2015-0343 Cross-site scripting (XSS) vulnerability in admin/home/homepage/search in the web app in Adobe Conne...
CVE-2015-0344 Cross-site scripting (XSS) vulnerability in the web app in Adobe Connect before 9.4 allows remote at...
CVE-2015-0345 Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before Updat...
S
CVE-2015-0346 Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0....
S
CVE-2015-0347 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0348 Buffer overflow in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on W...
S
CVE-2015-0349 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17...
S
CVE-2015-0350 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0351 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17...
S
CVE-2015-0352 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0353 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0354 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0355 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0356 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0357 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0358 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17...
S
CVE-2015-0359 Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0....
S
CVE-2015-0360 Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and...
S
CVE-2015-0361 Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial ...
S
CVE-2015-0362 Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Mi...
S
CVE-2015-0363 Unspecified vulnerability in the Siebel Core EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allo...
CVE-2015-0364 Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 al...
CVE-2015-0365 Unspecified vulnerability in the Siebel Core - Server Infrastructure component in Oracle Siebel CRM ...
CVE-2015-0366 Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 al...
S
CVE-2015-0367 Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1....
S
CVE-2015-0368 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
S
CVE-2015-0369 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 ...
CVE-2015-0370 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, ...
S
CVE-2015-0371 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, ...
S
CVE-2015-0372 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10...
S
CVE-2015-0373 Unspecified vulnerability in the OJVM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0...
S
CVE-2015-0374 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows re...
S
CVE-2015-0375 Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows remote attackers to affect confiden...
S
CVE-2015-0376 Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 11.1...
S
CVE-2015-0377 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox ...
CVE-2015-0378 Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unk...
S
CVE-2015-0379 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2015-0380 Unspecified vulnerability in the Oracle Telecommunications Billing Integrator component in Oracle E-...
S
CVE-2015-0381 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows re...
S
CVE-2015-0382 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows re...
S
CVE-2015-0383 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and ...
S
CVE-2015-0384 Unspecified vulnerability in the Siebel Public Sector component in Oracle Siebel CRM 8.1.1 and 8.2.2...
CVE-2015-0385 Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated user...
S
CVE-2015-0386 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0...
S
CVE-2015-0387 Unspecified vulnerability in the Siebel Core - Server OM Services component in Oracle Siebel CRM 8.1...
CVE-2015-0388 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 ...
CVE-2015-0389 Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 P...
S
CVE-2015-0390 Unspecified vulnerability in the MICROS Retail component in Oracle Retail Applications Xstore: 3.2.1...
S
CVE-2015-0391 Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows ...
S
CVE-2015-0392 Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM...
CVE-2015-0393 Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.1...
S
CVE-2015-0394 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2015-0395 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to ...
S
CVE-2015-0396 Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1...
S
CVE-2015-0397 Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via unk...
S
CVE-2015-0398 Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8.2.2...
CVE-2015-0399 Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle...
S
CVE-2015-0400 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect c...
S
CVE-2015-0401 Unspecified vulnerability in the Oracle Directory Server Enterprise Edition component in Oracle Fusi...
S
CVE-2015-0402 Unspecified vulnerability in the Siebel Core - Server BizLogic Script component in Oracle Siebel CRM...
S
CVE-2015-0403 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confid...
S
CVE-2015-0404 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
S
CVE-2015-0405 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated user...
CVE-2015-0406 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect c...
S
CVE-2015-0407 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to ...
S
CVE-2015-0408 Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to ...
CVE-2015-0409 Unspecified vulnerability in Oracle MySQL Server 5.6.21 and earlier allows remote authenticated user...
S
CVE-2015-0410 Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u...
S
CVE-2015-0411 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows ...
S
CVE-2015-0412 Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect c...
S
CVE-2015-0413 Unspecified vulnerability in Oracle Java SE 7u72 and 8u25 allows local users to affect integrity via...
S
CVE-2015-0414 Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 and...
S
CVE-2015-0415 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
S
CVE-2015-0416 Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9....
S
CVE-2015-0417 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 ...
S
CVE-2015-0418 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox ...
S
CVE-2015-0419 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 ...
S
CVE-2015-0420 Unspecified vulnerability in the Oracle Forms component in Oracle Fusion Middleware 11.1.1.7 and 11....
S
CVE-2015-0421 Unspecified vulnerability in Oracle Java SE 8u25 allows local users to affect confidentiality, integ...
S
CVE-2015-0422 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
S
CVE-2015-0423 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated user...
CVE-2015-0424 Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun System...
S
CVE-2015-0425 Unspecified vulnerability in the Oracle Enterprise Asset Management component in Oracle Siebel CRM 8...
S
CVE-2015-0426 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
S
CVE-2015-0427 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox ...
CVE-2015-0428 Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect availability ...
S
CVE-2015-0429 Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity and...
S
CVE-2015-0430 Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect confidentiali...
S
CVE-2015-0431 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
S
CVE-2015-0432 Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier allows remote authenticated user...
S
CVE-2015-0433 Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows ...
S
CVE-2015-0434 Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1....
CVE-2015-0435 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
S
CVE-2015-0436 Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows r...
S
CVE-2015-0437 Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, ...
S
CVE-2015-0438 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated user...
CVE-2015-0439 Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated user...
CVE-2015-0440 Unspecified vulnerability in the Oracle Knowledge component in Oracle Right Now Service Cloud 8.2.3....
CVE-2015-0441 Unspecified vulnerability in Oracle MySQL Server 5.5.41 and earlier, and 5.6.22 and earlier, allows ...
CVE-2015-0442 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0443 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1...
S
CVE-2015-0444 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1...
S
CVE-2015-0445 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1...
S
CVE-2015-0446 Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1...
S
CVE-2015-0447 Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business...
S
CVE-2015-0448 Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i...
S
CVE-2015-0449 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6...
S
CVE-2015-0450 Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1....
CVE-2015-0451 Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 3.0-04 allows ...
CVE-2015-0452 Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products...
CVE-2015-0453 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2015-0454 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0455 Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.3, 11...
CVE-2015-0456 Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1....
CVE-2015-0457 Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11....
S
CVE-2015-0458 Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affec...
CVE-2015-0459 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows ...
CVE-2015-0460 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to ...
CVE-2015-0461 Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1....
CVE-2015-0462 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
CVE-2015-0463 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
CVE-2015-0464 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
CVE-2015-0465 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
CVE-2015-0466 Unspecified vulnerability in the Oracle Retail Back Office component in Oracle Retail Applications 1...
CVE-2015-0467 Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager component in O...
S
CVE-2015-0468 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, ...
S
CVE-2015-0469 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to ...
CVE-2015-0470 Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect integrity via unk...
CVE-2015-0471 Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect confidentia...
CVE-2015-0472 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2015-0473 Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man...
CVE-2015-0474 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2015-0475 Unspecified vulnerability in the JD Edwards EnterpriseOne Technology component in Oracle JD Edwards ...
CVE-2015-0476 Unspecified vulnerability in the SQL Trace Analyzer component in Oracle Support Tools before 12.1.11...
CVE-2015-0477 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to ...
CVE-2015-0478 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allow...
CVE-2015-0479 Unspecified vulnerability in the XDK and XDB - XML Database component in Oracle Database Server 11.2...
CVE-2015-0480 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to ...
CVE-2015-0481 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0482 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.2...
CVE-2015-0483 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, ...
CVE-2015-0484 Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attacke...
CVE-2015-0485 Unspecified vulnerability in the PeopleSoft Enterprise SCM Strategic Sourcing component in Oracle Pe...
CVE-2015-0486 Unspecified vulnerability in Oracle Java SE 8u40 allows remote attackers to affect confidentiality v...
CVE-2015-0487 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2015-0488 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allow...
CVE-2015-0489 Unspecified vulnerability in the Application Management Pack for Oracle E-Business Suite component i...
CVE-2015-0490 Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle Supply...
CVE-2015-0491 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and Java FX 2.2.76, allows...
CVE-2015-0492 Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attacker...
CVE-2015-0493 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2015-0494 Unspecified vulnerability in the Oracle Retail Central Office component in Oracle Retail Application...
CVE-2015-0495 Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager ...
CVE-2015-0496 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr...
CVE-2015-0497 Unspecified vulnerability in the PeopleSoft Enterprise Portal Interaction Hub component in Oracle Pe...
CVE-2015-0498 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user...
CVE-2015-0499 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows ...
CVE-2015-0500 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user...
CVE-2015-0501 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows ...
CVE-2015-0502 Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1 and 8.2 allo...
CVE-2015-0503 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user...
CVE-2015-0504 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2015-0505 Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows ...
CVE-2015-0506 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user...
CVE-2015-0507 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user...
CVE-2015-0508 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user...
CVE-2015-0509 Unspecified vulnerability in the Oracle Hyperion BI+ component in Oracle Hyperion 11.1.2.2 and 11.1....
CVE-2015-0510 Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4,...
CVE-2015-0511 Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user...
CVE-2015-0512 Open redirect vulnerability in EMC Unisphere Central before 4.0 allows remote attackers to redirect ...
CVE-2015-0513 Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in EMC M&R ...
CVE-2015-0514 EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 might allow remote attackers to obtai...
E
CVE-2015-0515 Unrestricted file upload vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3...
CVE-2015-0516 Directory traversal vulnerability in EMC M&R (aka Watch4Net) before 6.5u1 and ViPR SRM before 3.6.1 ...
E
CVE-2015-0517 The D2-API component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 before 4.1 P22, and 4.2 befor...
CVE-2015-0518 The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 a...
CVE-2015-0519 The InputAccel Database (IADB) installation process in EMC Captiva Capture 7.0 before patch 25 and 7...
CVE-2015-0520 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0521 Cross-site scripting (XSS) vulnerability in EMC RSA Certificate Manager (RCM) before 6.9 build 558 a...
CVE-2015-0522 Cross-site scripting (XSS) vulnerability in EMC RSA Certificate Manager (RCM) before 6.9 build 558 a...
CVE-2015-0523 EMC RSA Certificate Manager (RCM) before 6.9 build 558 and RSA Registration Manager (RRM) before 6.9...
CVE-2015-0524 SQL injection vulnerability in the Gateway Provisioning service in EMC Secure Remote Services Virtua...
E
CVE-2015-0525 The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3....
E
CVE-2015-0526 Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Validation Manager (RVM) 3.2 before b...
CVE-2015-0527 EMC Documentum xCelerated Management System (xMS) 1.1 before P14 stores cleartext Windows Service cr...
CVE-2015-0528 The RPC daemon in EMC Isilon OneFS 6.5.x and 7.0.x before 7.0.2.13, 7.1.0 before 7.1.0.6, 7.1.1 befo...
CVE-2015-0529 EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default passwords for the (1) emcupdate an...
CVE-2015-0530 Buffer overflow in an unspecified function in nsr_render_log in EMC NetWorker before 8.0.4.3, 8.1.x ...
CVE-2015-0531 EMC SourceOne Email Management before 7.2 does not have a lockout mechanism for invalid login attemp...
CVE-2015-0532 EMC RSA Identity Management and Governance (IMG) 6.9 before P04 and 6.9.1 before P01 does not proper...
CVE-2015-0533 EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-...
CVE-2015-0534 EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-...
CVE-2015-0535 EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-...
CVE-2015-0536 EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-...
CVE-2015-0537 Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4...
CVE-2015-0538 ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute...
CVE-2015-0539 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0540 SQL injection vulnerability in the xAdmin interface in EMC Document Sciences xPression 4.2 before P4...
CVE-2015-0541 Cross-site request forgery (CSRF) vulnerability in EMC RSA Web Threat Detection before 5.1 allows re...
CVE-2015-0542 Multiple cross-site request forgery (CSRF) vulnerabilities in EMC RSA Archer GRC 5.5 SP1 before P3 a...
CVE-2015-0543 EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly verify X.509 ...
CVE-2015-0544 EMC Secure Remote Services Virtual Edition (ESRS VE) 3.x before 3.06 does not properly generate rand...
CVE-2015-0545 EMC Unisphere for VMAX 8.x before 8.0.3.4 sets up the Java Debugging Wire Protocol (JDWP) service, w...
CVE-2015-0546 EMC Unified Infrastructure Manager/Provisioning (UIM/P) 4.1 allows remote attackers to bypass LDAP a...
CVE-2015-0547 The D2CenterstageService.getComments service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16 ...
CVE-2015-0548 The D2DownloadService.getDownloadUrls service method in EMC Documentum D2 4.1 and 4.2 before 4.2 P16...
CVE-2015-0549 Cross-site scripting (XSS) vulnerability in EMC Documentum D2 before 4.5 allows remote authenticated...
CVE-2015-0550 Directory traversal vulnerability in EMC Documentum Thumbnail Server 6.7SP1 before P32, 6.7SP2 befor...
CVE-2015-0551 Multiple cross-site scripting (XSS) vulnerabilities in EMC Documentum WebTop 6.7SP1 before P31, 6.7S...
CVE-2015-0552 Directory traversal vulnerability in the gcab_folder_extract function in libgcab/gcab-folder.c in gc...
E
CVE-2015-0553 Cross-site scripting (XSS) vulnerability in admin/pages/modify.php in WebsiteBaker 2.8.3 SP3 allows ...
E
CVE-2015-0554 The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6 do...
E
CVE-2015-0555 Buffer overflow in the XnsSdkDeviceIpInstaller.ocx ActiveX control in Samsung iPOLiS Device Manager ...
E
CVE-2015-0556 Open-source ARJ archiver 3.10.22 allows remote attackers to conduct directory traversal attacks via ...
E
CVE-2015-0557 Open-source ARJ archiver 3.10.22 does not properly remove leading slashes from paths, which allows r...
E
CVE-2015-0558 The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6, a...
E
CVE-2015-0559 Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wi...
CVE-2015-0560 The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissect...
CVE-2015-0561 asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 do...
CVE-2015-0562 Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing...
CVE-2015-0563 epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x be...
CVE-2015-0564 Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wiresha...
CVE-2015-0565 NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible....
E
CVE-2015-0568 Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in...
CVE-2015-0569 Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext....
E
CVE-2015-0570 Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN...
CVE-2015-0571 The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center ...
CVE-2015-0572 Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC ...
S
CVE-2015-0573 drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qu...
S
CVE-2015-0574 In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of fi...
CVE-2015-0575 In all Qualcomm products with Android releases from CAF using the Linux kernel, insecure ciphersuite...
CVE-2015-0576 In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu...
S
CVE-2015-0577 Multiple cross-site scripting (XSS) vulnerabilities in the IronPort Spam Quarantine (ISQ) page in Ci...
CVE-2015-0578 Cisco Adaptive Security Appliance (ASA) Software, when a DHCPv6 relay is configured, allows remote a...
CVE-2015-0579 Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway allow remote attackers to c...
CVE-2015-0580 Multiple SQL injection vulnerabilities in the ACS View reporting interface pages in Cisco Secure Acc...
CVE-2015-0581 The XML parser in Cisco Prime Service Catalog before 10.1 allows remote authenticated users to read ...
CVE-2015-0582 The High Availability (HA) subsystem in Cisco NX-OS on MDS 9000 devices allows remote attackers to c...
CVE-2015-0583 Cisco WebEx Meeting Center does not properly restrict the content of URLs, which allows remote attac...
CVE-2015-0584 The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration Desk E...
CVE-2015-0586 The Network-Based Application Recognition (NBAR) protocol implementation in Cisco IOS 15.3(100)M and...
CVE-2015-0588 Cross-site request forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager (UCDM...
CVE-2015-0589 The administrative web interface in Cisco WebEx Meetings Server 1.0 through 1.5 allows remote authen...
CVE-2015-0590 Cisco WebEx Meeting Center allows remote attackers to activate disabled meeting attributes, and cons...
CVE-2015-0591 Cisco Unified Communications Domain Manager (UCDM) 10 allows remote attackers to cause a denial of s...
CVE-2015-0592 The Zone-Based Firewall implementation in Cisco IOS 15.4(2)T3 and earlier allows remote attackers to...
CVE-2015-0593 The Zone-Based Firewall implementation in Cisco IOS 12.4(122)T and earlier does not properly manage ...
CVE-2015-0594 Multiple cross-site scripting (XSS) vulnerabilities in the help pages in Cisco Common Services, as u...
CVE-2015-0595 The XMLAPI in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote attackers to obtain ...
CVE-2015-0596 Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 1.5(.1.131) and earli...
CVE-2015-0597 The Forgot Password feature in Cisco WebEx Meetings Server 1.5(.1.131) and earlier allows remote att...
CVE-2015-0598 The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of servi...
CVE-2015-0599 The web interface in Cisco Integrated Management Controller in Cisco Unified Computing System (UCS) ...
CVE-2015-0600 The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remo...
CVE-2015-0601 Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial o...
CVE-2015-0602 The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remo...
CVE-2015-0603 Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified ...
CVE-2015-0604 The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote at...
CVE-2015-0605 The uuencode inspection engine in Cisco AsyncOS on Cisco Email Security Appliance (ESA) devices 8.5 ...
CVE-2015-0606 The IOS Shell in Cisco IOS allows local users to cause a denial of service (device crash) via unspec...
CVE-2015-0607 The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from...
CVE-2015-0608 Race condition in the Measurement, Aggregation, and Correlation Engine (MACE) implementation in Cisc...
CVE-2015-0609 Race condition in the Common Classification Engine (CCE) in the Measurement, Aggregation, and Correl...
CVE-2015-0610 Race condition in the object-group ACL feature in Cisco IOS 15.5(2)T and earlier allows remote attac...
CVE-2015-0611 The administrative web-management portal in Cisco IX 8 (.0.1) and earlier on Cisco TelePresence IX50...
CVE-2015-0612 The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1...
CVE-2015-0613 The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1...
CVE-2015-0614 The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1...
CVE-2015-0615 The call-handling implementation in Cisco Unity Connection 8.5 before 8.5(1)SU7, 8.6 before 8.6(2a)S...
CVE-2015-0616 The Connection Conversation Manager (aka CuCsMgr) process in Cisco Unity Connection 8.5 before 8.5(1...
CVE-2015-0617 Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices allow remote attackers to cause a...
CVE-2015-0618 Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4 on...
CVE-2015-0619 Memory leak in the embedded web server in the WebVPN subsystem in Cisco Adaptive Security Appliance ...
CVE-2015-0620 The XML parser in Cisco TelePresence Management Suite (TMS) 14.3(.2) and earlier does not properly h...
CVE-2015-0621 Cisco TelePresence MCU devices with software 4.5(1.45) allow remote attackers to cause a denial of s...
CVE-2015-0622 The Wireless Intrusion Detection (aka WIDS) functionality on Cisco Wireless LAN Controller (WLC) dev...
CVE-2015-0623 Cross-site scripting (XSS) vulnerability in the Administrator report page on Cisco Web Security Appl...
CVE-2015-0624 The web framework in Cisco AsyncOS on Email Security Appliance (ESA), Content Security Management Ap...
E
CVE-2015-0626 The SOAP interface in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to obtain ac...
CVE-2015-0628 The proxy engine on Cisco Web Security Appliance (WSA) devices allows remote attackers to bypass int...
CVE-2015-0631 Race condition in the SSL implementation on Cisco Intrusion Prevention System (IPS) devices allows r...
CVE-2015-0632 Race condition in the Neighbor Discovery (ND) protocol implementation in Cisco IOS and IOS XE allows...
CVE-2015-0633 The Integrated Management Controller (IMC) in Cisco Unified Computing System (UCS) 1.4(7h) and earli...
CVE-2015-0634 Cross-site scripting (XSS) vulnerability in the administrative interface in Cisco WebEx Meetings Ser...
CVE-2015-0635 The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15...
CVE-2015-0636 The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15...
CVE-2015-0637 The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15...
CVE-2015-0638 Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3, when a VRF interface is configured, allows remote attack...
CVE-2015-0639 The Common Flow Table (CFT) feature in Cisco IOS XE 3.6 and 3.7 before 3.7.1S, 3.8 before 3.8.0S, 3....
CVE-2015-0640 The high-speed logging (HSL) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S...
CVE-2015-0641 Cisco IOS XE 2.x and 3.x before 3.9.0S, 3.10 before 3.10.0S, 3.11 before 3.11.0S, 3.12 before 3.12.0...
CVE-2015-0642 Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12....
CVE-2015-0643 Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, and 15.4 and IOS XE 2.5.x, 2.6.x, 3.1.xS through 3.12....
CVE-2015-0644 AppNav in Cisco IOS XE 3.8 through 3.10 before 3.10.3S, 3.11 before 3.11.3S, 3.12 before 3.12.1S, 3....
CVE-2015-0645 The Layer 4 Redirect (L4R) feature in Cisco IOS XE 2.x and 3.x before 3.10.4S, 3.11 before 3.11.3S, ...
CVE-2015-0646 Memory leak in the TCP input module in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3...
CVE-2015-0647 Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (dev...
CVE-2015-0648 Memory leak in Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial ...
CVE-2015-0649 Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (dev...
CVE-2015-0650 The Service Discovery Gateway (aka mDNS Gateway) in Cisco IOS 12.2, 12.4, 15.0, 15.1, 15.2, 15.3, an...
CVE-2015-0651 Cross-site request forgery (CSRF) vulnerability in the web GUI in Cisco Application Networking Manag...
CVE-2015-0652 The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Serv...
CVE-2015-0653 The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway...
CVE-2015-0654 Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion P...
CVE-2015-0655 Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web and...
CVE-2015-0656 Cross-site scripting (XSS) vulnerability in the login page in Cisco Network Analysis Module (NAM) al...
CVE-2015-0657 Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malfor...
CVE-2015-0658 The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not prop...
CVE-2015-0659 The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS allows remote attackers to...
CVE-2015-0660 Cisco Virtual TelePresence Server Software does not properly restrict use of the serial port, which ...
CVE-2015-0661 The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of ser...
CVE-2015-0662 Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privilege...
CVE-2015-0663 Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access c...
CVE-2015-0664 The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local user...
CVE-2015-0665 The Hostscan module in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local ...
CVE-2015-0666 Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager...
KEV
CVE-2015-0667 The Management Interface on Cisco Content Services Switch (CSS) 11500 devices 8.20.4.02 and earlier ...
CVE-2015-0668 Cross-site scripting (XSS) vulnerability in the administration portal in Cisco WebEx Meetings Server...
CVE-2015-0669 The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows ...
CVE-2015-0670 The default configuration of Cisco Small Business IP phones SPA 300 7.5.5 and SPA 500 7.5.5 does not...
CVE-2015-0671 The DNS implementation in Cisco Videoscape Distribution Suite for Internet Streaming (VDS-IS) 3.2(1)...
CVE-2015-0672 The DHCPv4 server in Cisco IOS XR 5.2.2 on ASR 9000 devices allows remote attackers to cause a denia...
CVE-2015-0673 Cisco Mobility Services Engine (MSE) 8.0(110.0) allows remote authenticated users to discover the pa...
CVE-2015-0674 Cross-site scripting (XSS) vulnerability in the Alert Service of Cisco Cloud Web Security base revis...
CVE-2015-0675 The failover ipsec implementation in Cisco Adaptive Security Appliance (ASA) Software 9.1 before 9.1...
CVE-2015-0676 The DNS implementation in Cisco Adaptive Security Appliance (ASA) Software 7.2 before 7.2(5.16), 8.2...
CVE-2015-0677 The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), 8.6 before ...
CVE-2015-0678 The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and...
CVE-2015-0679 The web-authentication functionality on Cisco Wireless LAN Controller (WLC) devices 7.3(103.8) and 7...
CVE-2015-0680 Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which a...
CVE-2015-0681 The TFTP server in Cisco IOS 12.2(44)SQ1, 12.2(33)XN1, 12.4(25e)JAM1, 12.4(25e)JAO5m, 12.4(23)JY, 15...
CVE-2015-0682 Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to execute arbi...
CVE-2015-0683 Cisco Unified Communications Domain Manager 8.1(4) allows remote authenticated users to obtain sensi...
CVE-2015-0684 SQL injection vulnerability in the Image Management component in Cisco Unified Communications Domain...
CVE-2015-0685 Cisco IOS XE before 3.7.5S on ASR 1000 devices does not properly handle route adjacencies, which all...
CVE-2015-0686 The SNMP implementation in Cisco NX-OS 6.1(2)I2(3) on Nexus 9000 devices, when a Reset High Availabi...
CVE-2015-0687 The SNMP implementation in Cisco IOS 15.1(2)SG4 on Catalyst 4500 devices, when single-switch Virtual...
CVE-2015-0688 Cisco IOS XE 3.10.2S on an ASR 1000 device with an Embedded Services Processor (ESP) module, when NA...
CVE-2015-0689 Cisco Cloud Web Security before 3.0.1.7 allows remote attackers to bypass intended filtering protect...
CVE-2015-0690 Cross-site scripting (XSS) vulnerability in the HTML help system on Cisco Wireless LAN Controller (W...
CVE-2015-0691 A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remo...
M
CVE-2015-0692 Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use ...
CVE-2015-0693 Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use ...
CVE-2015-0694 Cisco ASR 9000 devices with software 5.3.0.BASE do not recognize that certain ACL entries have a sin...
CVE-2015-0695 Cisco IOS XR 4.3.4 through 5.3.0 on ASR 9000 devices, when uRPF, PBR, QoS, or an ACL is configured, ...
CVE-2015-0696 Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisc...
CVE-2015-0697 Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3....
CVE-2015-0698 Multiple cross-site scripting (XSS) vulnerabilities in filter search forms in admin web pages on Cis...
CVE-2015-0699 SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Commu...
CVE-2015-0700 Cross-site request forgery (CSRF) vulnerability in the Dashboard page in the monitoring-and-report s...
CVE-2015-0701 Cisco UCS Central Software before 1.3(1a) allows remote attackers to execute arbitrary commands via ...
CVE-2015-0702 Unrestricted file upload vulnerability in the Custom Prompts upload implementation in Cisco Unified ...
CVE-2015-0703 Cross-site scripting (XSS) vulnerability in the administrative web interface in Cisco Unified Meetin...
CVE-2015-0704 Multiple cross-site request forgery (CSRF) vulnerabilities in API features in Cisco Unified MeetingP...
CVE-2015-0705 Cross-site request forgery (CSRF) vulnerability in the SOAP API endpoints of the web-services direct...
CVE-2015-0706 Open redirect vulnerability in Cisco FireSIGHT System Software 5.3.1.1, 5.3.1.2, and 6.0.0 in FireSI...
CVE-2015-0707 Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in Fir...
CVE-2015-0708 Cisco IOS 15.4S, 15.4SN, and 15.5S and IOS XE 3.13S and 3.14S allow remote attackers to cause a deni...
CVE-2015-0709 Cisco IOS 15.5S and IOS XE allow remote authenticated users to cause a denial of service (device cra...
CVE-2015-0710 The Overlay Transport Virtualization (OTV) implementation in Cisco IOS XE 3.10S allows remote attack...
CVE-2015-0711 The hamgr service in the IPv6 Proxy Mobile (PM) implementation in Cisco StarOS 18.1.0.59776 on ASR 5...
CVE-2015-0712 The session-manager service in Cisco StarOS 12.0, 12.2(300), 14.0, and 14.0(600) on ASR 5000 devices...
CVE-2015-0713 The web framework in Cisco TelePresence Advanced Media Gateway Series Software before 1.1(1.40), Cis...
CVE-2015-0714 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1...
CVE-2015-0715 SQL injection vulnerability in the administrative web interface in Cisco Unified Communications Mana...
CVE-2015-0716 Cross-site request forgery (CSRF) vulnerability in the CUCReports page in Cisco Unity Connection 11....
CVE-2015-0717 Cisco Unified Communications Manager 10.0(1.10000.12) allows local users to gain privileges via a co...
CVE-2015-0718 Cisco NX-OS 4.0 through 6.1 on Nexus 1000V 3000, 4000, 5000, 6000, and 7000 devices and Unified Comp...
CVE-2015-0721 Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 55...
CVE-2015-0722 The network drivers in Cisco TelePresence T, Cisco TelePresence TE, and Cisco TelePresence TC before...
CVE-2015-0723 The wireless web-authentication subsystem on Cisco Wireless LAN Controller (WLC) devices 7.5.x and 7...
CVE-2015-0724 Multiple cross-site scripting (XSS) vulnerabilities in dncs 7.0.0.12 in Cisco Headend Digital Broadb...
CVE-2015-0725 Cisco Videoscape Distribution Suite Service Broker (aka VDS-SB), when a VDSM configuration on UCS is...
S
CVE-2015-0726 The web administration interface on Cisco Wireless LAN Controller (WLC) devices before 7.0.241, 7.1....
CVE-2015-0727 Cross-site scripting (XSS) vulnerability in the HTTP module in Cisco Security Manager (CSM) 4.7(0)SP...
CVE-2015-0728 Cross-site scripting (XSS) vulnerability in Cisco Access Control Server (ACS) 5.5(0.1) allows remote...
CVE-2015-0729 Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server Solution Engine (ACSE...
CVE-2015-0730 The SMB module in Cisco Wide Area Application Services (WAAS) 6.0(1) allows remote attackers to caus...
CVE-2015-0731 The ISDN implementation in Cisco IOS 15.3S allows remote attackers to cause a denial of service (dev...
CVE-2015-0732 Cross-site scripting (XSS) vulnerability in Cisco AsyncOS on the Web Security Appliance (WSA) 9.0.0-...
CVE-2015-0733 CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisc...
CVE-2015-0734 Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Email Security Appliance (ESA) 8.5....
CVE-2015-0735 Cross-site request forgery (CSRF) vulnerability in Cisco Unified Customer Voice Portal (CVP) 10.5(1)...
CVE-2015-0736 Cross-site request forgery (CSRF) vulnerability in Cisco MediaSense 10.5(1) and earlier allows remot...
CVE-2015-0737 Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.1 allow...
CVE-2015-0738 Cross-site scripting (XSS) vulnerability in the Web Tracking Report page on Cisco Web Security Appli...
CVE-2015-0739 The Lights-Out Management (LOM) implementation in Cisco FireSIGHT System Software 5.3.0 on Sourcefir...
CVE-2015-0740 Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center 10.6(1) allows ...
CVE-2015-0741 Multiple cross-site request forgery (CSRF) vulnerabilities in Cisco Prime Central for Hosted Collabo...
CVE-2015-0742 The Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Soft...
CVE-2015-0743 Cisco Headend System Release allows remote attackers to cause a denial of service (DHCP and TFTP out...
CVE-2015-0744 Cisco DTA Control System (DTACS) 4.0.0.9 and Cisco Headend System Release allow remote attackers to ...
CVE-2015-0745 Cisco Headend System Release allows remote attackers to read temporary script files or archive files...
CVE-2015-0746 The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a den...
CVE-2015-0747 Cisco Conductor for Videoscape 3.0 and Cisco Headend System Release allow remote attackers to inject...
CVE-2015-0749 Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
CVE-2015-0750 The administrative web interface in Cisco Hosted Collaboration Solution (HCS) 10.6(1) and earlier al...
CVE-2015-0751 Cisco IP Phone 7861, when firmware from Cisco Unified Communications Manager 10.3(1) is used, allows...
CVE-2015-0752 Cross-site scripting (XSS) vulnerability in Cisco TelePresence Video Communication Server (VCS) X8.5...
CVE-2015-0753 SQL injection vulnerability in Cisco Unified Email Interaction Manager (EIM) and Unified Web Interac...
CVE-2015-0754 Cisco Finesse 10.5(1) allows remote authenticated users to obtain sensitive information or cause a d...
CVE-2015-0755 The Posture module for Cisco Identity Services Engine (ISE), as distributed in Cisco AnyConnect Secu...
CVE-2015-0756 Cisco Wireless LAN Controller (WLC) devices with software 7.4(1.1) allow remote attackers to cause a...
CVE-2015-0757 The web framework in Cisco Identity Services Engine (ISE) 1.2(1.901) and 1.3(0.722) does not properl...
CVE-2015-0758 The web-based user interface in Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read ...
CVE-2015-0759 Cross-site request forgery (CSRF) vulnerability in Cisco Headend Digital Broadband Delivery System a...
CVE-2015-0760 The IKEv1 implementation in Cisco ASA Software 7.x, 8.0.x, 8.1.x, and 8.2.x before 8.2.2.13 allows r...
CVE-2015-0761 Cisco AnyConnect Secure Mobility Client before 3.1(8009) and 4.x before 4.0(2052) on Linux does not ...
CVE-2015-0762 Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unified MeetingPlace 8...
CVE-2015-0763 Cisco Unified MeetingPlace 8.6(1.2) does not properly validate session IDs in http URLs, which allow...
CVE-2015-0764 Cisco Unified MeetingPlace 8.6(1.9) allows remote attackers to read arbitrary files via a crafted re...
CVE-2015-0765 Cisco ONS 15454 System Software 10.30 and 10.301 allows remote attackers to cause a denial of servic...
CVE-2015-0766 Multiple cross-site scripting (XSS) vulnerabilities in the administrative web interface in the Manag...
CVE-2015-0767 Cisco Edge 300 software 1.0 and 1.1 on Edge 340 devices allows local users to obtain root privileges...
CVE-2015-0768 The Device Work Center (DWC) component in Cisco Prime Network Control System (NCS) 2.1(0.0.85), 2.2(...
CVE-2015-0769 Cisco IOS XR 4.0.1 through 4.2.0 for CRS-3 Carrier Routing System allows remote attackers to cause a...
CVE-2015-0770 CRLF injection vulnerability in Cisco TelePresence TC 6.x before 6.3.4 and 7.x before 7.3.3 on Integ...
CVE-2015-0771 The IKE implementation in the WS-IPSEC-3 service module in Cisco IOS 12.2 on Catalyst 6500 devices a...
CVE-2015-0772 Cisco TelePresence Video Communication Server (VCS) X8.5RC4 allows remote attackers to cause a denia...
CVE-2015-0773 Cisco FireSIGHT System Software 5.3.1.3 and 6.0.0 allows remote authenticated users to delete an arb...
CVE-2015-0774 Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5...
CVE-2015-0775 The banner (aka MOTD) implementation in Cisco NX-OS 4.1(2)E1(1f) on Nexus 4000 devices, 5.2(1)SV3(2....
CVE-2015-0776 telnetd in Cisco IOS XR 5.0.1 on Network Convergence System 6000 devices allows remote attackers to ...
CVE-2015-0777 drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for the L...
CVE-2015-0778 osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in...
CVE-2015-0779 Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM)...
E
CVE-2015-0780 SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZE...
CVE-2015-0781 Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Config...
CVE-2015-0782 SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Con...
CVE-2015-0783 The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated u...
CVE-2015-0784 Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Ses...
CVE-2015-0785 com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Managemen...
CVE-2015-0786 Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZEN...
CVE-2015-0787 XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary ...
CVE-2015-0788 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0789 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0790 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0791 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0792 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0793 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0794 modules.d/90crypt/module-setup.sh in the dracut package before 037-17.30.1 in openSUSE 13.2 allows l...
CVE-2015-0795 Multiple stack-based buffer overflows in the SafeShellExecute method in the NetIQExecObject.NetIQExe...
CVE-2015-0796 open build service source server symlink exploitation via source patch
CVE-2015-0797 GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Th...
S
CVE-2015-0798 The Reader mode feature in Mozilla Firefox before 37.0.1 on Android, and Desktop Firefox pre-release...
CVE-2015-0799 The HTTP Alternative Services feature in Mozilla Firefox before 37.0.1 allows man-in-the-middle atta...
CVE-2015-0800 The PRNG implementation in the DNS resolver in Mozilla Firefox (aka Fennec) before 37.0 on Android d...
CVE-2015-0801 Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 allow remote ...
CVE-2015-0802 Mozilla Firefox before 37.0 relies on docshell type information instead of page principal informatio...
E
CVE-2015-0803 The HTMLSourceElement::AfterSetAttr function in Mozilla Firefox before 37.0 does not properly constr...
CVE-2015-0804 The HTMLSourceElement::BindToTree function in Mozilla Firefox before 37.0 does not properly constrai...
CVE-2015-0805 The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 makes an incorr...
CVE-2015-0806 The Off Main Thread Compositing (OMTC) implementation in Mozilla Firefox before 37.0 attempts to use...
CVE-2015-0807 The navigator.sendBeacon implementation in Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6...
CVE-2015-0808 The webrtc::VPMContentAnalysis::Release function in the WebRTC implementation in Mozilla Firefox bef...
CVE-2015-0810 Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows remote ...
CVE-2015-0811 The QCMS implementation in Mozilla Firefox before 37.0 allows remote attackers to obtain sensitive i...
CVE-2015-0812 Mozilla Firefox before 37.0 does not require an HTTPS session for lightweight theme add-on installat...
CVE-2015-0813 Use-after-free vulnerability in the AppendElements function in Mozilla Firefox before 37.0, Firefox ...
CVE-2015-0814 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0 allow remo...
CVE-2015-0815 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 37.0, Firefox E...
CVE-2015-0816 Mozilla Firefox before 37.0, Firefox ESR 31.x before 31.6, and Thunderbird before 31.6 do not proper...
E
CVE-2015-0817 The asm.js implementation in Mozilla Firefox before 36.0.3, Firefox ESR 31.x before 31.5.2, and SeaM...
CVE-2015-0818 Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow rem...
CVE-2015-0819 The UITour::onPageEvent function in Mozilla Firefox before 36.0 does not ensure that an API call ori...
CVE-2015-0820 Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-...
CVE-2015-0821 Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute...
CVE-2015-0822 The Form Autocompletion feature in Mozilla Firefox before 36.0, Firefox ESR 31.x before 31.5, and Th...
CVE-2015-0823 Multiple use-after-free vulnerabilities in OpenType Sanitiser, as used in Mozilla Firefox before 36....
S
CVE-2015-0824 The mozilla::layers::BufferTextureClient::AllocateForSurface function in Mozilla Firefox before 36.0...
CVE-2015-0825 Stack-based buffer underflow in the mozilla::MP3FrameParser::ParseBuffer function in Mozilla Firefox...
CVE-2015-0826 The nsTransformedTextRun::SetCapitalization function in Mozilla Firefox before 36.0 allows remote at...
CVE-2015-0827 Heap-based buffer overflow in the mozilla::gfx::CopyRect function in Mozilla Firefox before 36.0, Fi...
CVE-2015-0828 Double free vulnerability in the nsXMLHttpRequest::GetResponse function in Mozilla Firefox before 36...
CVE-2015-0829 Buffer overflow in libstagefright in Mozilla Firefox before 36.0 allows remote attackers to execute ...
CVE-2015-0830 The WebGL implementation in Mozilla Firefox before 36.0 does not properly allocate memory for copyin...
CVE-2015-0831 Use-after-free vulnerability in the mozilla::dom::IndexedDB::IDBObjectStore::CreateIndex function in...
CVE-2015-0832 Mozilla Firefox before 36.0 does not properly recognize the equivalence of domain names with and wit...
CVE-2015-0833 Multiple untrusted search path vulnerabilities in updater.exe in Mozilla Firefox before 36.0, Firefo...
CVE-2015-0834 The WebRTC subsystem in Mozilla Firefox before 36.0 recognizes turns: and stuns: URIs but accesses t...
CVE-2015-0835 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0 allow remo...
CVE-2015-0836 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 36.0, Firefox E...
CVE-2015-0837 The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain s...
CVE-2015-0838 Buffer overflow in the C implementation of the apply_delta function in _pack.c in Dulwich before 0.9...
CVE-2015-0839 The hp-plugin utility in HP Linux Imaging and Printing (HPLIP) makes it easier for man-in-the-middle...
CVE-2015-0840 The dpkg-source command in Debian dpkg before 1.16.16 and 1.17.x before 1.17.25 allows remote attack...
S
CVE-2015-0841 Off-by-one error in the readBuf function in listener.cpp in libcapsinetwork and monopd before 0.9.8,...
CVE-2015-0844 The WML/Lua API in Battle for Wesnoth 1.7.x through 1.11.x and 1.12.x before 1.12.2 allows remote at...
CVE-2015-0845 Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and...
CVE-2015-0846 django-markupfield before 1.3.2 uses the default docutils RESTRUCTUREDTEXT_FILTER_SETTINGS settings,...
CVE-2015-0847 nbd-server.c in Network Block Device (nbd-server) before 3.11 does not properly handle signals, whic...
S
CVE-2015-0848 Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (c...
CVE-2015-0850 The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via a...
S
CVE-2015-0851 XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth Service Provider (SP), does not prop...
CVE-2015-0852 Multiple integer underflows in PluginPCX.cpp in FreeImage 3.17.0 and earlier allow remote attackers ...
S
CVE-2015-0853 svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute arbit...
E
CVE-2015-0854 App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute ar...
S
CVE-2015-0855 The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute ...
S
CVE-2015-0856 daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allo...
CVE-2015-0857 Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell metacharacters...
CVE-2015-0858 Cool Projects TarDiff allows local users to write to arbitrary files via a symlink attack on a pathn...
CVE-2015-0859 The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie befo...
CVE-2015-0860 Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debi...
CVE-2015-0861 model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3....
E
CVE-2015-0862 Multiple cross-site scripting (XSS) vulnerabilities in the management web UI in the RabbitMQ managem...
CVE-2015-0863 GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405....
CVE-2015-0864 Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-m...
CVE-2015-0866 Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.9 befo...
E S
CVE-2015-0867 Directory traversal vulnerability in SYNCK GRAPHICA Download Log CGI 3.0 and earlier allows remote a...
CVE-2015-0868 Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS before 2.91 allo...
CVE-2015-0869 I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service (SSDP reflection...
CVE-2015-0870 Cross-site scripting (XSS) vulnerability in hb.cgi in Nishishi Factory Fumy News Clipper 2.x before ...
S
CVE-2015-0871 Cross-site scripting (XSS) vulnerability in Mrs. Shiromuku Perl CGI shiromuku(u1)GUESTBOOK 1.62 and ...
CVE-2015-0872 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-0873 Cross-site scripting (XSS) vulnerability in Homepage Decorator PerlTreeBBS 2.30 and earlier allows r...
CVE-2015-0874 Smartphone Passbook 1.0.0 does not verify X.509 certificates from SSL servers, which allows man-in-t...
CVE-2015-0875 The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for Android creates a log file contain...
CVE-2015-0876 Multiple cross-site scripting (XSS) vulnerabilities in the print_language_selectbox function in clas...
CVE-2015-0877 Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remo...
CVE-2015-0878 Directory traversal vulnerability in CREAR AL-Mail32 before 1.13d allows remote attackers to write t...
S
CVE-2015-0879 CREAR AL-Mail32 before 1.13d allows remote attackers to cause a denial of service (application crash...
S
CVE-2015-0880 Buffer overflow in CREAR AL-Mail32 before 1.13d allows remote attackers to execute arbitrary code vi...
S
CVE-2015-0881 CRLF injection vulnerability in Squid before 3.1.1 allows remote attackers to inject arbitrary HTTP ...
CVE-2015-0882 Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1....
CVE-2015-0883 SYNCK GRAPHICA Mailform Pro CGI 4.1.4 and 4.1.5, when the mailauth module is enabled, does not prope...
CVE-2015-0884 Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32(T) ...
CVE-2015-0885 checkpw 1.02 and earlier allows remote attackers to cause a denial of service (infinite loop) via a ...
CVE-2015-0886 Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 ...
CVE-2015-0887 npppd in the PPP Access Concentrator (PPPAC) on SEIL SEIL/x86 Fuji routers 1.00 through 3.30, SEIL/X...
CVE-2015-0888 KENT-WEB Clip Board before 4.1 allows remote attackers to delete arbitrary files via unspecified vec...
S
CVE-2015-0889 KENT-WEB Joyful Note before 5.3 allows remote attackers to delete files or write to files, and conse...
CVE-2015-0890 The BestWebSoft Google Captcha (aka reCAPTCHA) plugin before 1.13 for WordPress allows remote attack...
CVE-2015-0891 Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Simple Board allows remote attacke...
CVE-2015-0892 Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Image Album allows remote attacker...
CVE-2015-0893 Cross-site scripting (XSS) vulnerability in Maroyaka CGI Maroyaka Relay Novel allows remote attacker...
CVE-2015-0894 SQL injection vulnerability in the All In One WP Security & Firewall plugin before 3.8.8 for WordPre...
S
CVE-2015-0895 Cross-site request forgery (CSRF) vulnerability in the All In One WP Security & Firewall plugin befo...
S
CVE-2015-0896 Multiple cross-site scripting (XSS) vulnerabilities in eXtplorer before 2.1.7 allow remote attackers...
S
CVE-2015-0897 LINE for Android version 5.0.2 and earlier and LINE for iOS version 5.0.0 and earlier are vulnerable...
CVE-2015-0898 futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execu...
S
CVE-2015-0899 The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers ...
S
CVE-2015-0900 Cross-site scripting (XSS) vulnerability in schedule.cgi in Nishishi Factory Fumy Teacher's Schedule...
CVE-2015-0901 Cross-site scripting (XSS) vulnerability in the duwasai flashy theme 1.3 and earlier for WordPress a...
CVE-2015-0902 The Semper Fi All in One SEO Pack plugin before 2.2.6 for WordPress does not consider the presence o...
S
CVE-2015-0903 Buffer overflow in Saitoh Kikaku Maruo Editor 8.51 and earlier allows remote attackers to execute ar...
CVE-2015-0904 The Restaurant Karaoke SHIDAX app 1.3.3 and earlier on Android does not verify SSL certificates, whi...
CVE-2015-0905 Cross-site request forgery (CSRF) vulnerability in bBlog allows remote attackers to hijack the authe...
CVE-2015-0906 Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitra...
CVE-2015-0907 Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a craft...
CVE-2015-0910 Cross-site scripting (XSS) vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows re...
CVE-2015-0911 Directory traversal vulnerability in TAGAWA Takao TransmitMail 1.0.11 through 1.5.8 allows remote at...
CVE-2015-0912 EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspec...
CVE-2015-0913 Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users to ...
CVE-2015-0914 EasyCTF before 1.4 does not validate the session ID, which allows remote attackers to obtain access ...
CVE-2015-0915 Cross-site scripting (XSS) vulnerability in RAKUS MailDealer 11.2.1 and earlier allows remote attack...
CVE-2015-0916 SQL injection vulnerability in graph.php in Cacti before 0.8.6f allows remote authenticated users to...
S
CVE-2015-0917 Cross-site scripting (XSS) vulnerability in the backend in Kajona before 4.6.3 allows remote attacke...
E
CVE-2015-0918 Cross-site scripting (XSS) vulnerability in the administrative backend in Sefrengo before 1.6.1 allo...
E
CVE-2015-0919 Multiple SQL injection vulnerabilities in the administrative backend in Sefrengo before 1.6.1 allow ...
E
CVE-2015-0920 Cross-site request forgery (CSRF) vulnerability in the Banner Effect Header plugin 1.2.6 for WordPre...
E
CVE-2015-0921 XML external entity (XXE) vulnerability in the Server Task Log in McAfee ePolicy Orchestrator (ePO) ...
E S
CVE-2015-0922 McAfee ePolicy Orchestrator (ePO) before 4.6.9 and 5.x before 5.1.2 uses the same secret key across ...
E S
CVE-2015-0923 The ContentBlockEx method in Workarea/ServerControlWS.asmx in Ektron Content Management System (CMS)...
CVE-2015-0924 Ceragon FibeAir IP-10 bridges have a default password for the root account, which makes it easier fo...
CVE-2015-0925 The client in iPass Open Mobile before 2.4.5 on Windows allows remote authenticated users to execute...
CVE-2015-0926 Labtech before 100.237 on Linux uses world-writable permissions for root-executed scripts, which all...
CVE-2015-0928 libhtp 0.5.15 allows remote attackers to cause a denial of service (NULL pointer dereference)....
CVE-2015-0929 time.htm in the web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a78 ...
CVE-2015-0930 The web interface on SerVision HVG Video Gateway devices with firmware before 2.2.26a100 has a hardc...
CVE-2015-0931 Ektron Content Management System (CMS) 8.5 and 8.7 before 8.7sp2 and 9.0 before sp1, when the Saxon ...
CVE-2015-0932 The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, In...
E S
CVE-2015-0933 Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid openin_any ...
CVE-2015-0934 Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows remot...
CVE-2015-0935 Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafte...
E S
CVE-2015-0936 Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user...
E
CVE-2015-0937 Cross-site scripting (XSS) vulnerability in search.php on the Blue Coat Malware Analysis appliance w...
CVE-2015-0938 search.php on the Blue Coat Malware Analysis appliance with software before 4.2.4.20150312-RELEASE a...
CVE-2015-0941 The Inetc plugin for Nullsoft Scriptable Install System (NSIS), as used in CERT/CC Failure Observati...
CVE-2015-0942 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-6742, CVE-2015-6743, CVE-201...
R
CVE-2015-0943 Basware Banking (Maksuliikenne) before 9.10.0.0 does not encrypt communication between the client an...
CVE-2015-0949 The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBo...
CVE-2015-0950 Cross-site scripting (XSS) vulnerability in admin.php in X-Cart 5.1.6 through 5.1.10 allows remote a...
S
CVE-2015-0951 X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary a...
S
CVE-2015-0955 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0955. Reason: This candida...
R
CVE-2015-0961 Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, does not verify X.509 certifi...
CVE-2015-0962 Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same roo...
CVE-2015-0967 Multiple cross-site scripting (XSS) vulnerabilities in SearchBlox before 8.2 allow remote attackers ...
CVE-2015-0968 Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 8.2 allows rem...
CVE-2015-0969 SearchBlox before 8.2 allows remote attackers to obtain sensitive information via a pretty=true acti...
CVE-2015-0970 Cross-site request forgery (CSRF) vulnerability in SearchBlox before 8.2 allows remote attackers to ...
CVE-2015-0971 The DER parser in Suricata before 2.0.8 allows remote attackers to cause a denial of service (crash)...
S
CVE-2015-0972 Pearson ProctorCache before 2015.1.17 uses the same hardcoded password across different customers' i...
CVE-2015-0973 Buffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng before 1.5.21 and 1.6.x b...
E
CVE-2015-0974 Untrusted search path vulnerability in ZTE Datacard MF19 0V1.0.0B04 allows local users to gain privi...
E
CVE-2015-0976 Cross-site scripting (XSS) vulnerability in Inductive Automation Ignition 7.7.2 allows remote attack...
CVE-2015-0977 Network Vision IntraVue before 2.3.0a14 on Windows allows remote attackers to execute arbitrary OS c...
CVE-2015-0978 Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (...
CVE-2015-0979 Heap-based buffer overflow in the SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.37...
CVE-2015-0980 Format string vulnerability in BACnOPCServer.exe in the SOAP web interface in SCADA Engine BACnet OP...
CVE-2015-0981 The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers t...
CVE-2015-0982 Buffer overflow in an unspecified DLL in Schneider Electric Pelco DS-NVs before 7.8.90 allows remote...
S
CVE-2015-0983 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-0984 Directory traversal vulnerability in the FTP server on Honeywell Excel Web XL1000C50 52 I/O, XL1000C...
E
CVE-2015-0985 Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows rem...
CVE-2015-0986 Multiple stack-based buffer overflows in Moxa VPort ActiveX SDK Plus before 2.8 allow remote attacke...
S
CVE-2015-0987 Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 ...
CVE-2015-0988 Omron CX-One CX-Programmer before 9.6 uses a reversible format for password storage in project sourc...
CVE-2015-0989 PACTware 4.1 SP3 allows remote attackers to cause a denial of service (application crash) via a craf...
CVE-2015-0990 Untrusted search path vulnerability in Ecava IntegraXor SCADA Server before 4.2.4488 allows local us...
S
CVE-2015-0991 Inductive Automation Ignition 7.7.2 allows remote attackers to obtain sensitive information by readi...
CVE-2015-0992 Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local user...
CVE-2015-0993 Inductive Automation Ignition 7.7.2 does not terminate a session upon a logout action, which allows ...
CVE-2015-0994 Inductive Automation Ignition 7.7.2 allows remote authenticated users to bypass a brute-force protec...
CVE-2015-0995 Inductive Automation Ignition 7.7.2 uses MD5 password hashes, which makes it easier for context-depe...
CVE-2015-0996 Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 b...
S
CVE-2015-0997 Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 b...
S
CVE-2015-0998 Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 b...
S
CVE-2015-0999 Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition 2014 b...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.