| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2015-4000 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a ... | S | |
| CVE-2015-4001 | Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in th... | | |
| CVE-2015-4002 | drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not e... | | |
| CVE-2015-4003 | The oz_usb_handle_ep_data function in drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the... | | |
| CVE-2015-4004 | The OZWPAN driver in the Linux kernel through 4.0.5 relies on an untrusted length field during packe... | E | |
| CVE-2015-4010 | Cross-site request forgery (CSRF) vulnerability in the Encrypted Contact Form plugin before 1.1 for ... | E S | |
| CVE-2015-4016 | The client detection protocol in Valve Steam allows remote attackers to cause a denial of service (p... | S | |
| CVE-2015-4017 | Salt before 2014.7.6 does not verify certificates when connecting via the aliyun, proxmox, and splun... | S | |
| CVE-2015-4018 | SQL injection vulnerability in feedwordpresssyndicationpage.class.php in the FeedWordPress plugin be... | E S | |
| CVE-2015-4020 | RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4.x before 2.4.8 does not validate the hostn... | | |
| CVE-2015-4021 | The phar_parse_tarfile function in ext/phar/tar.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6... | E S | |
| CVE-2015-4022 | Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5... | E S | |
| CVE-2015-4024 | Algorithmic complexity vulnerability in the multipart_buffer_headers function in main/rfc1867.c in P... | E S | |
| CVE-2015-4025 | PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encounterin... | S | |
| CVE-2015-4026 | The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 trun... | E S | |
| CVE-2015-4027 | The AcuWVSSchedulerv10 service in Acunetix Web Vulnerability Scanner (WVS) before 10 build 20151125 ... | E | |
| CVE-2015-4029 | Cross-site scripting (XSS) vulnerability in the WebGUI in pfSense before 2.2.3 allows remote attacke... | E | |
| CVE-2015-4031 | Directory traversal vulnerability in saveFile.jsp in the development installation in Visual Mining N... | | |
| CVE-2015-4032 | projectContents.jsp in the Developer tools in Visual Mining NetCharts Server allows remote attackers... | | |
| CVE-2015-4033 | Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to ac... | | |
| CVE-2015-4034 | The createFromParcel method in the com.absolute.android.persistence.MethodSpec class in Samsung Gala... | | |
| CVE-2015-4035 | scripts/xzgrep.in in xzgrep 5.2.x before 5.2.0, before 5.0.0 does not properly process file names co... | | |
| CVE-2015-4036 | Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel bef... | E | |
| CVE-2015-4037 | The slirp_smb function in net/slirp.c in QEMU 2.3.0 and earlier creates temporary files with predict... | | |
| CVE-2015-4038 | The WP Membership plugin 1.2.3 for WordPress allows remote authenticated users to gain administrator... | E | |
| CVE-2015-4039 | Multiple cross-site scripting (XSS) vulnerabilities in the WP Membership plugin 1.2.3 for WordPress ... | E | |
| CVE-2015-4040 | Directory traversal vulnerability in the configuration utility in F5 BIG-IP before 12.0.0 and Enterp... | | |
| CVE-2015-4041 | The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms perfo... | E S | |
| CVE-2015-4042 | Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might... | E S | |
| CVE-2015-4043 | SQL injection vulnerability in ConnX ESP HR Management 4.4.0 allows remote attackers to execute arbi... | | |
| CVE-2015-4045 | The sudoers file in the asset discovery scanner in AlienVault OSSIM before 5.0.1 allows local users ... | E S | |
| CVE-2015-4046 | The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to ex... | E S | |
| CVE-2015-4047 | racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL poin... | E | |
| CVE-2015-4049 | Unisys Libra 43xx, 63xx, and 83xx, and FS600 class systems with MCP-FIRMWARE 40.0 before 40.0IC4 Bui... | | |
| CVE-2015-4050 | FragmentListener in the HttpKernel component in Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10,... | | |
| CVE-2015-4051 | Beckhoff IPC Diagnostics before 1.8 does not properly restrict access to functions in /config, which... | E | |
| CVE-2015-4053 | The admin command in ceph-deploy before 1.5.25 uses world-readable permissions for /etc/ceph/ceph.cl... | | |
| CVE-2015-4054 | PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereferenc... | E S | |
| CVE-2015-4056 | The System Library in VCE Vision Intelligent Operations before 2.6.5 does not properly implement cry... | | |
| CVE-2015-4057 | The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a cleartext... | | |
| CVE-2015-4058 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4059 | Heap-based buffer overflow in the License Server (LicenseServer.exe) in Wavelink Terminal Emulation ... | | |
| CVE-2015-4060 | Heap-based buffer overflow in the TermProxy (WLTermProxyService.exe) service in Wavelink ConnectPro ... | | |
| CVE-2015-4062 | SQL injection vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for W... | E S | |
| CVE-2015-4063 | Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin befor... | E S | |
| CVE-2015-4064 | SQL injection vulnerability in modules/module.ab-testing.php in the Landing Pages plugin before 1.8.... | E S | |
| CVE-2015-4065 | Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the Landing ... | E S | |
| CVE-2015-4066 | Multiple SQL injection vulnerabilities in admin/handlers.php in the GigPress plugin before 2.3.9 for... | E S | |
| CVE-2015-4067 | Integer overflow in the libnv6 module in Dell NetVault Backup before 10.0.5 allows remote attackers ... | | |
| CVE-2015-4068 | Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obt... | KEV | |
| CVE-2015-4069 | The EdgeServiceImpl web service in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtai... | | |
| CVE-2015-4070 | Open redirect vulnerability in the proxyimages function in wowproxy.php in the Wow Moodboard Lite pl... | | |
| CVE-2015-4071 | The Helpdesk Pro Plugin before 1.4.0 for Joomla! allows remote attackers to read the support tickets... | E | |
| CVE-2015-4072 | Multiple cross-site scripting (XSS) vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joom... | E | |
| CVE-2015-4073 | Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow rem... | E | |
| CVE-2015-4074 | Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote ... | E | |
| CVE-2015-4075 | The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini ... | E | |
| CVE-2015-4077 | The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fo... | E | |
| CVE-2015-4078 | Cloudera Navigator 2.2.x before 2.2.4 and 2.3.x before 2.3.3 include support for SSLv3 when configur... | | |
| CVE-2015-4080 | The Kankun Smart Socket device and mobile application uses a hardcoded AES 256 bit key, which makes ... | | |
| CVE-2015-4082 | attic before 0.15 does not confirm unencrypted backups with the user, which allows remote attackers ... | E | |
| CVE-2015-4084 | Cross-site scripting (XSS) vulnerability in the Free Counter plugin 1.1 for WordPress allows remote ... | E | |
| CVE-2015-4085 | Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1... | | |
| CVE-2015-4089 | Multiple cross-site request forgery (CSRF) vulnerabilities in the optionsPageRequest function in adm... | | |
| CVE-2015-4091 | XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote attackers to send... | | |
| CVE-2015-4092 | Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 allows remote attackers to cause... | | |
| CVE-2015-4093 | Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x before 4.0.3 allows remote atta... | | |
| CVE-2015-4094 | The Thycotic Password Manager Secret Server application through 2.3 for iOS does not verify X.509 ce... | | |
| CVE-2015-4100 | Puppet Enterprise 3.7.x and 3.8.0 might allow remote authenticated users to manage certificates for ... | | |
| CVE-2015-4101 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-4102 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-4103 | Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, ... | | |
| CVE-2015-4104 | Xen 3.3.x through 4.5.x does not properly restrict access to PCI MSI mask bits, which allows local x... | | |
| CVE-2015-4105 | Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows loca... | | |
| CVE-2015-4106 | QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through de... | | |
| CVE-2015-4107 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2015-4108 | Multiple cross-site request forgery (CSRF) vulnerabilities in Wing FTP Server before 4.4.7 allow rem... | E S | |
| CVE-2015-4109 | Multiple SQL injection vulnerabilities in the ratings module in the Users Ultra plugin before 1.5.16... | E | |
| CVE-2015-4111 | mc_demux_mp4_ds.ax in an unspecified third-party codec demux in BlackBerry Link before 1.2.3.53 with... | | |
| CVE-2015-4112 | The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restri... | | |
| CVE-2015-4116 | Use-after-free vulnerability in the spl_ptr_heap_insert function in ext/spl/spl_heap.c in PHP before... | E | |
| CVE-2015-4117 | Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands ... | E | |
| CVE-2015-4118 | SQL injection vulnerability in monitor/show_sys_state.php in ISPConfig before 3.0.5.4p7 allows remot... | E | |
| CVE-2015-4119 | Multiple cross-site request forgery (CSRF) vulnerabilities in ISPConfig before 3.0.5.4p7 allow remot... | E | |
| CVE-2015-4127 | Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allow... | E S | |
| CVE-2015-4129 | SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote authenticated users to execute... | | |
| CVE-2015-4132 | Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM... | | |
| CVE-2015-4133 | Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery p... | E S | |
| CVE-2015-4134 | Open redirect vulnerability in goto.php in phpwind 8.7 allows remote attackers to redirect users to ... | | |
| CVE-2015-4135 | Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 allows remote attackers to injec... | | |
| CVE-2015-4137 | SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 allows remote attackers to ex... | E | |
| CVE-2015-4138 | The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x th... | | |
| CVE-2015-4139 | Cross-site scripting (XSS) vulnerability in smilies4wp.php in the WP Smiley plugin 1.4.1 for WordPre... | E | |
| CVE-2015-4140 | Cross-site request forgery (CSRF) vulnerability in the WP Smiley plugin 1.4.1 for WordPress allows r... | E | |
| CVE-2015-4141 | The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external reg... | | |
| CVE-2015-4142 | Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7... | | |
| CVE-2015-4143 | The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remo... | | |
| CVE-2015-4144 | The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not va... | | |
| CVE-2015-4145 | The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not va... | | |
| CVE-2015-4146 | The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (... | | |
| CVE-2015-4147 | The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.... | E S | |
| CVE-2015-4148 | The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x be... | E S | |
| CVE-2015-4152 | Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 a... | | |
| CVE-2015-4153 | Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress ... | E | |
| CVE-2015-4155 | GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) --com... | | |
| CVE-2015-4156 | GNU Parallel before 20150522 (Nepal), when using (1) --cat or (2) --fifo with --sshlogin, allows loc... | | |
| CVE-2015-4157 | SAP Content Server allows remote attackers to cause a denial of service (service termination) via un... | E | |
| CVE-2015-4158 | SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) vi... | E | |
| CVE-2015-4159 | SQL injection vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to e... | E | |
| CVE-2015-4160 | SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrar... | E | |
| CVE-2015-4161 | SAP Afaria does not properly restrict access to unspecified functionality, which allows remote attac... | E | |
| CVE-2015-4162 | XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x bef... | | |
| CVE-2015-4163 | GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, whi... | | |
| CVE-2015-4164 | The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows ... | | |
| CVE-2015-4165 | The snapshot API in Elasticsearch before 1.6.0 when another application exists on the system that ca... | M | |
| CVE-2015-4166 | Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attack... | M | |
| CVE-2015-4167 | The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate ce... | | |
| CVE-2015-4169 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-4170 | Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3... | S | |
| CVE-2015-4171 | strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or ... | S | |
| CVE-2015-4173 | Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before... | | |
| CVE-2015-4174 | Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet... | E S | |
| CVE-2015-4176 | fs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which ... | | |
| CVE-2015-4177 | The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly con... | | |
| CVE-2015-4178 | The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency ... | S | |
| CVE-2015-4179 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Codestyling Localization plugin 1.... | E | |
| CVE-2015-4180 | Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.4 allows remote at... | | |
| CVE-2015-4181 | Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.5 allows remote at... | | |
| CVE-2015-4182 | The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote au... | | |
| CVE-2015-4183 | Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution vi... | | |
| CVE-2015-4184 | The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8... | | |
| CVE-2015-4185 | The TCL interpreter in Cisco IOS 15.2 does not properly maintain the vty state, which allows local u... | | |
| CVE-2015-4186 | The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (ak... | | |
| CVE-2015-4188 | SQL injection vulnerability in the Manager interface in Cisco Prime Collaboration 10.5(1) allows rem... | | |
| CVE-2015-4189 | Cross-site request forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework (DCAF) 1.4 ... | | |
| CVE-2015-4190 | Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man... | | |
| CVE-2015-4191 | Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via... | | |
| CVE-2015-4194 | The web-based administrative interface in Cisco WebEx Meeting Center provides different error messag... | | |
| CVE-2015-4195 | Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, ... | | |
| CVE-2015-4196 | Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardco... | | |
| CVE-2015-4197 | Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (devic... | | |
| CVE-2015-4198 | Cross-site scripting (XSS) vulnerability in the web framework on Cisco Web Security Appliance (WSA) ... | | |
| CVE-2015-4199 | Race condition in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engin... | | |
| CVE-2015-4200 | Memory leak in the IPv6-to-IPv4 functionality in Cisco IOS 15.3S in the Performance Routing Engine (... | | |
| CVE-2015-4201 | The Gateway General Packet Radio Service Support Node (GGSN) component on Cisco ASR 5000 devices wit... | | |
| CVE-2015-4202 | Cisco IOS 12.2SCH on uBR10000 router Cable Modem Termination Systems (CMTS) does not properly restri... | | |
| CVE-2015-4203 | Race condition in Cisco IOS 12.2SCH in the Performance Routing Engine (PRE) module on uBR10000 devic... | | |
| CVE-2015-4204 | Memory leak in Cisco IOS 12.2 in the Performance Routing Engine (PRE) module on uBR10000 devices all... | | |
| CVE-2015-4205 | Cisco IOS XR 5.3.1 on ASR 9000 devices allows remote attackers to cause a denial of service (NPU chi... | | |
| CVE-2015-4206 | Cisco Unified Communications Manager (UCM) 8.0 through 8.6 allows remote attackers to bypass an XSS ... | | |
| CVE-2015-4207 | Cisco WebEx Meeting Center places a meeting's access number in a URL, which allows remote attackers ... | | |
| CVE-2015-4208 | Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which all... | | |
| CVE-2015-4209 | Cisco WebEx Meeting Center does not properly determine authorization for reading a host calendar, wh... | | |
| CVE-2015-4210 | Cross-site scripting (XSS) vulnerability in Cisco WebEx Meeting Center allows remote attackers to in... | | |
| CVE-2015-4211 | Cisco AnyConnect Secure Mobility Client 3.1(60) on Windows does not properly validate pathnames, whi... | | |
| CVE-2015-4212 | Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information via unspecified v... | | |
| CVE-2015-4213 | Cisco NX-OS 1.1(1g) on Nexus 9000 devices allows remote authenticated users to discover cleartext pa... | | |
| CVE-2015-4214 | Cisco Unified MeetingPlace 8.6(1.2) and 8.6(1.9) allows remote authenticated users to discover clear... | | |
| CVE-2015-4215 | Cisco Wireless LAN Controller (WLC) devices with software 7.5(102.0) and 7.6(1.62) allow remote atta... | | |
| CVE-2015-4216 | The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Ap... | | |
| CVE-2015-4217 | The remote-support feature on Cisco Web Security Virtual Appliance (WSAv), Email Security Virtual Ap... | | |
| CVE-2015-4218 | The web-based user interface in Cisco Jabber through 9.6(3) and 9.7 through 9.7(5) on Windows allows... | | |
| CVE-2015-4219 | Cisco Secure Access Control System before 5.4(0.46.2) and 5.5 before 5.5(0.46) and Cisco Identity Se... | | |
| CVE-2015-4220 | Cross-site scripting (XSS) vulnerability in Cisco Unified Presence Server 9.1(1) allows remote attac... | | |
| CVE-2015-4221 | Cisco Unified Communications Manager IM and Presence Service 9.1(1) does not properly restrict acces... | | |
| CVE-2015-4222 | SQL injection vulnerability in Cisco Unified Communications Manager IM and Presence Service 9.1(1) a... | | |
| CVE-2015-4223 | Cisco IOS XR 5.1.3 allows remote attackers to cause a denial of service (process reload) via crafted... | | |
| CVE-2015-4224 | Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0) allow local users to execute ar... | | |
| CVE-2015-4225 | Cisco Application Policy Infrastructure Controller (APIC) 1.0(1.110a) and 1.0(1e) on Nexus 9000 devi... | | |
| CVE-2015-4226 | The packet-storing feature on Cisco 9900 phones with firmware 9.3(2) does not properly support the R... | | |
| CVE-2015-4227 | Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (me... | | |
| CVE-2015-4228 | Cisco Digital Content Manager (DCM) 15.0.0 might allow remote ad servers to cause a denial of servic... | | |
| CVE-2015-4229 | The web framework in Cisco Unified Communications Domain Manager 8.1(4)ER1 allows remote attackers t... | | |
| CVE-2015-4230 | Memory leak in Cisco Headend System Release allows remote attackers to cause a denial of service (me... | | |
| CVE-2015-4231 | The Python interpreter in Cisco NX-OS 6.2(8a) on Nexus 7000 devices allows local users to bypass int... | | |
| CVE-2015-4232 | Cisco NX-OS 6.2(10) on Nexus and MDS 9000 devices allows local users to execute arbitrary OS command... | | |
| CVE-2015-4233 | SQL injection vulnerability in Cisco Unified MeetingPlace 8.6(1.2) allows remote authenticated users... | | |
| CVE-2015-4234 | Cisco NX-OS 6.0(2) and 6.2(2) on Nexus devices has an improper OS configuration, which allows local ... | | |
| CVE-2015-4235 | Cisco Application Policy Infrastructure Controller (APIC) devices with software before 1.0(3o) and 1... | | |
| CVE-2015-4236 | Cisco AsyncOS on Email Security Appliance (ESA) devices with software 8.5.6-073, 8.5.6-074, and 9.0.... | | |
| CVE-2015-4237 | The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and 9.... | | |
| CVE-2015-4238 | The SNMP implementation in Cisco Adaptive Security Appliance (ASA) Software 8.4(7) and 8.6(1.2) allo... | | |
| CVE-2015-4239 | Cisco Adaptive Security Appliance (ASA) Software 9.3(2.243) and 100.13(0.21) allows remote attackers... | | |
| CVE-2015-4240 | Cisco IP Communicator 8.6(4) allows remote attackers to cause a denial of service (service outage) v... | | |
| CVE-2015-4241 | Cisco Adaptive Security Appliance (ASA) Software 9.3(2) allows remote attackers to cause a denial of... | | |
| CVE-2015-4242 | Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 5.4.1.2 and 6.0.0... | | |
| CVE-2015-4243 | The PPPoE establishment implementation in Cisco IOS XE 3.5.0S on ASR 1000 devices allows remote atta... | | |
| CVE-2015-4244 | The boot implementation on Cisco ASR 5000 and 5500 devices with software 14.0 allows local users to ... | | |
| CVE-2015-4245 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2015-4246 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2015-4247 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2015-4248 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4249 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2015-4250 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4251 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4252 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence ISDN Gateway devices with soft... | | |
| CVE-2015-4253 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Serial Gateway devices with so... | | |
| CVE-2015-4254 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence Advanced Media Gateway devices... | | |
| CVE-2015-4255 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP Gateway devices with softwa... | | |
| CVE-2015-4256 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence IP VCR devices with software 3... | | |
| CVE-2015-4257 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MCU 4500 devices with software... | | |
| CVE-2015-4258 | Cross-site request forgery (CSRF) vulnerability on Cisco TelePresence MSE 8000 devices allows remote... | | |
| CVE-2015-4259 | The Integrated Management Controller on Cisco Unified Computing System (UCS) C servers with software... | | |
| CVE-2015-4260 | Cross-site scripting (XSS) vulnerability in Cisco Hosted Collaboration Solution 10.6(1) allows remot... | | |
| CVE-2015-4261 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4262 | The password-change feature in Cisco Unified MeetingPlace Web Conferencing before 8.5(5) MR3 and 8.6... | | |
| CVE-2015-4263 | The Control and Provisioning functionality in Cisco Mobility Services Engine (MSE) 10.0(0.1) allows ... | | |
| CVE-2015-4265 | Cisco Unified Computing System (UCS) B Blade Server Software 2.2.x before 2.2.6 allows local users t... | | |
| CVE-2015-4266 | The web interface in Cisco Identity Services Engine (ISE) 1.1(4.1), 1.3(106.146), and 1.3(120.135) d... | | |
| CVE-2015-4267 | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Identity Services Engi... | | |
| CVE-2015-4268 | Multiple cross-site scripting (XSS) vulnerabilities in the Infra Admin UI in Cisco Identity Services... | | |
| CVE-2015-4269 | The Tomcat throttling feature in Cisco Unified Communications Manager 10.5(1.99995.9) allows remote ... | | |
| CVE-2015-4270 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSIGHT System Software 5.3.1.5 and 6... | | |
| CVE-2015-4271 | Cisco TelePresence TC before 7.3.4 on Integrator C devices allows remote attackers to bypass authent... | | |
| CVE-2015-4272 | Multiple cross-site scripting (XSS) vulnerabilities in the ccmivr page in Cisco Unified Communicatio... | | |
| CVE-2015-4273 | The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 15.0(912... | | |
| CVE-2015-4274 | Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Unified Intelligence C... | | |
| CVE-2015-4275 | The Packet Data Network Gateway (aka PGW) component on Cisco ASR 5000 devices with software 18.0.0.5... | | |
| CVE-2015-4276 | Cisco WebEx Meetings Server 2.5MR1 allows remote authenticated users to execute arbitrary code via a... | | |
| CVE-2015-4277 | The global-configuration implementation on Cisco ASR 9000 devices with software 5.1.3 and 5.3.0 impr... | | |
| CVE-2015-4278 | Cisco Email Security Appliance (ESA) devices with software 8.5.6-106 and 9.5.0-201 allow remote atta... | | |
| CVE-2015-4279 | The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices allo... | | |
| CVE-2015-4280 | Cisco Prime Collaboration Assurance 10.0 allows remote attackers to cause a denial of service (HTTP ... | | |
| CVE-2015-4281 | Cross-site request forgery (CSRF) vulnerability in Cisco WebEx Meetings Server 2.5 MR1 allows remote... | | |
| CVE-2015-4282 | Cisco Mobility Services Engine (MSE) through 8.0.120.7 uses weak permissions for unspecified binary ... | | |
| CVE-2015-4283 | Cisco Videoscape Policy Resource Manager (PRM) 3.5.4 allows remote attackers to cause a denial of se... | | |
| CVE-2015-4284 | The Concurrent Data Management Replication process in Cisco IOS XR 5.3.0 on ASR 9000 devices allows ... | | |
| CVE-2015-4285 | The Local Packet Transport Services (LPTS) implementation in Cisco IOS XR 5.1.2, 5.1.3, 5.2.1, and 5... | | |
| CVE-2015-4286 | The web framework in Cisco UCS Central Software 1.3(0.99) allows remote attackers to read arbitrary ... | | |
| CVE-2015-4287 | Cisco Firepower Extensible Operating System 1.1(1.86) on Firepower 9000 devices allows remote attack... | | |
| CVE-2015-4288 | The LDAP implementation on the Cisco Web Security Appliance (WSA) 8.5.0-000, Email Security Applianc... | | |
| CVE-2015-4289 | Directory traversal vulnerability in Cisco AnyConnect Secure Mobility Client 4.0(2049) allows remote... | | |
| CVE-2015-4290 | The kernel extension in Cisco AnyConnect Secure Mobility Client 4.0(2049) on OS X allows local users... | | |
| CVE-2015-4291 | Cisco IOS XE 2.x before 2.4.3 and 2.5.x before 2.5.1 on ASR 1000 devices allows remote attackers to ... | | |
| CVE-2015-4292 | Cross-site scripting (XSS) vulnerability in the management interface in Cisco Prime Central for Host... | | |
| CVE-2015-4293 | The packet-reassembly implementation in Cisco IOS XE 3.13S and earlier allows remote attackers to ca... | | |
| CVE-2015-4294 | Cross-site scripting (XSS) vulnerability in Cisco IM and Presence Service before 10.5 MR1 allows rem... | | |
| CVE-2015-4295 | The Prime Collaboration Deployment component in Cisco Unified Communications Manager 10.5(3.10000.9)... | | |
| CVE-2015-4296 | Nexus Data Broker (NDB) on Cisco Nexus 3000 devices with software 6.0(2)A6(1) allows remote attacker... | | |
| CVE-2015-4297 | Open redirect vulnerability in Cisco WebEx Node for Media Convergence Server (MCS) allows remote att... | | |
| CVE-2015-4298 | Cisco Unified Web and E-Mail Interaction Manager 9.0(2) and 11.0(1) improperly performs authorizatio... | | |
| CVE-2015-4299 | Cisco Unified Web and E-Mail Interaction Manager 9.0(2) improperly performs authorization, which all... | | |
| CVE-2015-4300 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4301 | Cisco NX-OS on Nexus 9000 devices 11.1(1c) allows remote authenticated users to cause a denial of se... | | |
| CVE-2015-4302 | The web interface in Cisco FireSIGHT Management Center 5.3.1.4 allows remote attackers to delete arb... | | |
| CVE-2015-4303 | Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows remote authenticated users to exec... | | |
| CVE-2015-4304 | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authent... | | |
| CVE-2015-4305 | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authent... | | |
| CVE-2015-4306 | The web framework in Cisco Prime Collaboration Assurance before 10.5.1.53684-1 allows remote authent... | | |
| CVE-2015-4307 | The web framework in Cisco Prime Collaboration Provisioning before 11.0 allows remote authenticated ... | | |
| CVE-2015-4308 | The webGUI configuration-export feature in Cisco Edge Bluebird Operating System 1.2 on Edge 340 devi... | | |
| CVE-2015-4310 | Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse 10.5(1) allow remote attackers ... | | |
| CVE-2015-4314 | The System Snapshot feature in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1... | | |
| CVE-2015-4315 | The Call Policy Configuration page in Cisco TelePresence Video Communication Server (VCS) Expressway... | | |
| CVE-2015-4316 | The Mobile and Remote Access (MRA) endpoint-validation feature in Cisco TelePresence Video Communica... | | |
| CVE-2015-4317 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cau... | | |
| CVE-2015-4318 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote attackers to cau... | | |
| CVE-2015-4319 | The password-change feature in the administrative web interface in Cisco TelePresence Video Communic... | | |
| CVE-2015-4320 | The Configuration Log File component in Cisco TelePresence Video Communication Server (VCS) Expressw... | | |
| CVE-2015-4321 | The Unicast Reverse Path Forwarding (uRPF) implementation in Cisco Adaptive Security Appliance (ASA)... | | |
| CVE-2015-4322 | Cisco Content Security Management Appliance (SMA) 8.3.6-039, 9.1.0-31, and 9.1.0-103 improperly rest... | | |
| CVE-2015-4323 | Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.9); Nexus 3000 d... | | |
| CVE-2015-4324 | Buffer overflow in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 7.3(0)ZN(0.81), Nexus 3000 ... | | |
| CVE-2015-4325 | The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Express... | | |
| CVE-2015-4327 | The CLI in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users ... | | |
| CVE-2015-4328 | Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 improperly checks for a user a... | | |
| CVE-2015-4329 | The administrator web interface in Cisco TelePresence Video Communication Server (VCS) X8.5.2 allows... | | |
| CVE-2015-4330 | A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows ... | | |
| CVE-2015-4331 | Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows remot... | | |
| CVE-2015-4332 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-4334 | The default configuration of SGOS in Blue Coat ProxySG before 6.2.16.5, 6.5 before 6.5.7.1, and 6.6 ... | | |
| CVE-2015-4335 | Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode v... | E | |
| CVE-2015-4336 | cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to ... | E | |
| CVE-2015-4337 | Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote aut... | E | |
| CVE-2015-4338 | Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenti... | | |
| CVE-2015-4342 | SQL injection vulnerability in Cacti before 0.8.8d allows remote attackers to execute arbitrary SQL ... | S | |
| CVE-2015-4344 | The Services Basic Authentication module 7.x-1.x through 7.x-1.3 for Drupal allows remote attackers ... | S | |
| CVE-2015-4345 | The RESTWS Basic Auth submodule in the RESTful Web Services module 7.x-1.x before 7.x-1.5 and 7.x-2.... | S | |
| CVE-2015-4346 | Cross-site scripting (XSS) vulnerability in the SMS Framework module 6.x-1.x before 6.x-1.1 for Drup... | S | |
| CVE-2015-4347 | Cross-site scripting (XSS) vulnerability in the inLinks Integration module for Drupal allows remote ... | | |
| CVE-2015-4348 | SQL injection vulnerability in the Spider Contacts module for Drupal allows remote authenticated use... | | |
| CVE-2015-4349 | Cross-site request forgery (CSRF) vulnerability in the Spider Contacts module for Drupal allows remo... | | |
| CVE-2015-4350 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Spider Catalog module for Drupal a... | | |
| CVE-2015-4351 | The Spider Video Player module for Drupal allows remote authenticated users with the "access Spider ... | | |
| CVE-2015-4352 | Cross-site request forgery (CSRF) vulnerability in the Spider Video Player module for Drupal allows ... | | |
| CVE-2015-4353 | Cross-site request forgery (CSRF) vulnerability in the Custom Sitemap module for Drupal allows remot... | | |
| CVE-2015-4354 | Cross-site scripting (XSS) vulnerability in the Ubercart Webform Integration module before 6.x-1.8 a... | S | |
| CVE-2015-4355 | Cross-site request forgery (CSRF) vulnerability in the Watchdog Aggregator module for Drupal allows ... | | |
| CVE-2015-4356 | Cross-site scripting (XSS) vulnerability in the view-based webform results table in the Webform modu... | S | |
| CVE-2015-4357 | Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.22, 7.x-3.x before 7.x-3... | S | |
| CVE-2015-4358 | Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Ubercart Discoun... | S | |
| CVE-2015-4359 | Multiple cross-site scripting (XSS) vulnerabilities in the Registration codes module before 6.x-1.6,... | S | |
| CVE-2015-4360 | Cross-site request forgery (CSRF) vulnerability in the Registration codes module before 6.x-1.6, 6.x... | S | |
| CVE-2015-4361 | Cross-site request forgery (CSRF) vulnerability in the Registration codes module before 6.x-1.6 for ... | S | |
| CVE-2015-4362 | Cross-site request forgery (CSRF) vulnerability in tracking_code.admin.inc in the Tracking Code modu... | S | |
| CVE-2015-4363 | Open redirect vulnerability in the finder_form_goto function in the Finder module for Drupal allows ... | | |
| CVE-2015-4364 | Multiple cross-site request forgery (CSRF) vulnerabilities in includes/campaignmonitor_lists.admin.i... | S | |
| CVE-2015-4365 | Cross-site scripting (XSS) vulnerability in the Taxonomy Accordion module for Drupal allows remote a... | | |
| CVE-2015-4366 | Cross-site scripting (XSS) vulnerability in the Mover module 6.x-1.0 for Drupal allows remote authen... | | |
| CVE-2015-4367 | Cross-site scripting (XSS) vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x-1.... | S | |
| CVE-2015-4368 | The Commerce Ogone module 7.x-1.x before 7.x-1.5 for Drupal allows remote attackers to complete the ... | S | |
| CVE-2015-4369 | Cross-site scripting (XSS) vulnerability in the Trick Question module before 6.x-1.5 and 7.x-1.x bef... | S | |
| CVE-2015-4370 | Cross-site scripting (XSS) vulnerability in the Site Documentation module before 6.x-1.5 for Drupal ... | S | |
| CVE-2015-4371 | Open redirect vulnerability in the Perfecto module before 7.x-1.2 for Drupal allows remote attackers... | S | |
| CVE-2015-4372 | Cross-site scripting (XSS) vulnerability in the Image Title module before 7.x-1.1 for Drupal allows ... | S | |
| CVE-2015-4373 | Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows remo... | S | |
| CVE-2015-4374 | Cross-site scripting (XSS) vulnerability in the Webform module before 6.x-3.23, 7.x-3.x before 7.x-3... | S | |
| CVE-2015-4375 | The Chaos tool suite (ctools) module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to ob... | S | |
| CVE-2015-4376 | Cross-site scripting (XSS) vulnerability in the Profile2 Privacy module 7.x-1.x before 7.x-1.5 for D... | S | |
| CVE-2015-4377 | Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition module ... | S | |
| CVE-2015-4378 | Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x before 7.x-2.3 for Drupal allo... | S | |
| CVE-2015-4379 | Cross-site request forgery (CSRF) vulnerability in the Webform Multiple File Upload module 6.x-1.x b... | S | |
| CVE-2015-4380 | Cross-site scripting (XSS) vulnerability in the Linear Case module 6.x-1.x before 6.x-1.3 for Drupal... | S | |
| CVE-2015-4381 | Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x be... | S | |
| CVE-2015-4382 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Invoice module 6.x-1.x before 6.x-... | S | |
| CVE-2015-4383 | Cross-site request forgery (CSRF) vulnerability in the Decisions module for Drupal allows remote att... | S | |
| CVE-2015-4384 | Cross-site scripting (XSS) vulnerability in the Ubercart Webform Checkout Pane module 6.x-3.x before... | S | |
| CVE-2015-4385 | Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Imagefield Info ... | S | |
| CVE-2015-4386 | Multiple cross-site scripting (XSS) vulnerabilities in unspecified administration pages in the Entit... | S | |
| CVE-2015-4387 | Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Password Policy ... | S | |
| CVE-2015-4388 | Cross-site scripting (XSS) vulnerability in the Current Search Links module 7.x-1.x before 7.x-1.1 f... | S | |
| CVE-2015-4389 | The Open Graph Importer (og_tag_importer) 7.x-1.x for Drupal does not properly check the create perm... | | |
| CVE-2015-4390 | Multiple cross-site request forgery (CSRF) vulnerabilities in the User Import module 6.x-4.x before ... | S | |
| CVE-2015-4391 | Cross-site request forgery (CSRF) vulnerability in the CiviCRM private report module 6.x-1.x before ... | S | |
| CVE-2015-4392 | Cross-site scripting (XSS) vulnerability in the Display Suite module 7.x-2.7 for Drupal allows remot... | S | |
| CVE-2015-4393 | The resource/endpoint for uploading files in the Services module 7.x-3.x before 7.x-3.12 for Drupal ... | S | |
| CVE-2015-4394 | The Services module 7.x-3.x before 7.x-3.12 for Drupal allows remote attackers to bypass the field_a... | S | |
| CVE-2015-4395 | The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in plaintext ... | | |
| CVE-2015-4396 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Keyword Research module 6.x-1.x be... | S | |
| CVE-2015-4397 | Cross-site request forgery (CSRF) vulnerability in the Node Template module for Drupal allows remote... | | |
| CVE-2015-4398 | Open redirect vulnerability in the Chaos tool suite (ctools) module before 6.x-1.12 and 7.x-1.x befo... | S | |
| CVE-2015-4400 | Ring (formerly DoorBot) video doorbells allow remote attackers to obtain sensitive information about... | | |
| CVE-2015-4407 | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote... | S | |
| CVE-2015-4408 | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote... | S | |
| CVE-2015-4409 | Buffer overflow on Hikvision NVR DS-76xxNI-E1/2 and DS-77xxxNI-E4 devices before 3.4.0 allows remote... | S | |
| CVE-2015-4410 | The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71a... | E | |
| CVE-2015-4411 | The Moped::BSON::ObjecId.legal? method in mongodb/bson-ruby before 3.0.4 as used in rubygem-moped al... | E S | |
| CVE-2015-4412 | BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby al... | E S | |
| CVE-2015-4413 | Cross-site scripting (XSS) vulnerability in the new_fb_sign_button function in nextend-facebook-conn... | E S | |
| CVE-2015-4414 | Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se-html5... | E | |
| CVE-2015-4415 | Multiple directory traversal vulnerabilities in func.php in Magnifica Webscripts Anima Gallery 2.6 a... | | |
| CVE-2015-4418 | Zoho NetFlow Analyzer build 10250 and earlier does not have an off autocomplete attribute for a pass... | | |
| CVE-2015-4420 | Multiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 and earlier allow remote attack... | E | |
| CVE-2015-4421 | The tzdriver module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows l... | | |
| CVE-2015-4422 | The TEEOS module in Huawei Mate 7 (Mate7-TL10) smartphones before V100R001CHNC00B126SP03 allows loca... | | |
| CVE-2015-4425 | Directory traversal vulnerability in pimcore before build 3473 allows remote authenticated users wit... | E | |
| CVE-2015-4426 | SQL injection vulnerability in pimcore before build 3473 allows remote attackers to execute arbitrar... | E | |
| CVE-2015-4427 | Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/workarea.aspx in Ektron Content... | E | |
| CVE-2015-4428 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18... | S | |
| CVE-2015-4429 | Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and... | S | |
| CVE-2015-4430 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18... | S | |
| CVE-2015-4431 | Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and... | S | |
| CVE-2015-4432 | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0... | S | |
| CVE-2015-4433 | Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and... | S | |
| CVE-2015-4434 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4435 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4436 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4437 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4438 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4439 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4440 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4441 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4442 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4443 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4444 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4445 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4446 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4447 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4448 | Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12... | S | |
| CVE-2015-4449 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4450 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4451 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4452 | Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ... | S | |
| CVE-2015-4453 | interface/globals.php in OpenEMR 2.x, 3.x, and 4.x before 4.2.0 patch 2 allows remote attackers to b... | S | |
| CVE-2015-4454 | SQL injection vulnerability in the get_hash_graph_template function in lib/functions.php in Cacti be... | S | |
| CVE-2015-4455 | Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For ... | E | |
| CVE-2015-4456 | ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list of e... | | |
| CVE-2015-4457 | Multiple cross-site scripting (XSS) vulnerabilities in the Cloudera Manager UI before 5.4.3 allow re... | | |
| CVE-2015-4458 | The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adapti... | | |
| CVE-2015-4460 | Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx ... | E | |
| CVE-2015-4461 | Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor use... | E | |
| CVE-2015-4462 | Absolute path traversal vulnerability in the file_manager component of eFront CMS before 3.6.15.5 al... | E | |
| CVE-2015-4463 | The file_manager component in eFront CMS before 3.6.15.5 allows remote authenticated users to bypass... | E | |
| CVE-2015-4464 | Kguard Digital Video Recorder 104, 108, v2 does not have any authorization or authentication between... | E | |
| CVE-2015-4465 | Cross-site scripting (XSS) vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for Wor... | S | |
| CVE-2015-4467 | The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset... | E | |
| CVE-2015-4468 | Multiple integer overflows in the search_chunk function in chmd.c in libmspack before 0.5 allow remo... | E | |
| CVE-2015-4469 | The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, whi... | E | |
| CVE-2015-4470 | Off-by-one error in the inflate function in mszipd.c in libmspack before 0.5 allows remote attackers... | E | |
| CVE-2015-4471 | Off-by-one error in the lzxd_decompress function in lzxd.c in libmspack before 0.5 allows remote att... | E | |
| CVE-2015-4472 | Off-by-one error in the READ_ENCINT macro in chmd.c in libmspack before 0.5 allows remote attackers ... | E | |
| CVE-2015-4473 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 and Firefo... | | |
| CVE-2015-4474 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 40.0 allow remo... | | |
| CVE-2015-4475 | The mozilla::AudioSink function in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 mish... | | |
| CVE-2015-4476 | Mozilla Firefox before 41.0 on Android allows user-assisted remote attackers to spoof address-bar at... | | |
| CVE-2015-4477 | Use-after-free vulnerability in the MediaStream playback feature in Mozilla Firefox before 40.0 allo... | | |
| CVE-2015-4478 | Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 do not impose certain ECMAScript 6 requ... | | |
| CVE-2015-4479 | Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x bef... | | |
| CVE-2015-4480 | Integer overflow in the stagefright::SampleTable::isValid function in libstagefright in Mozilla Fire... | | |
| CVE-2015-4481 | Race condition in the Mozilla Maintenance Service in Mozilla Firefox before 40.0 and Firefox ESR 38.... | E | |
| CVE-2015-4482 | mar_read.c in the Updater in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allows loc... | | |
| CVE-2015-4483 | Mozilla Firefox before 40.0 allows man-in-the-middle attackers to bypass a mixed-content protection ... | | |
| CVE-2015-4484 | The js::jit::AssemblerX86Shared::lock_addl function in the JavaScript implementation in Mozilla Fire... | | |
| CVE-2015-4485 | Heap-based buffer overflow in the resize_context_buffers function in libvpx in Mozilla Firefox befor... | | |
| CVE-2015-4486 | The decrease_ref_count function in libvpx in Mozilla Firefox before 40.0 and Firefox ESR 38.x before... | | |
| CVE-2015-4487 | The nsTSubstring::ReplacePrep function in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2,... | | |
| CVE-2015-4488 | Use-after-free vulnerability in the StyleAnimationValue class in Mozilla Firefox before 40.0, Firefo... | | |
| CVE-2015-4489 | The nsTArray_Impl class in Mozilla Firefox before 40.0, Firefox ESR 38.x before 38.2, and Firefox OS... | | |
| CVE-2015-4490 | The nsCSPHostSrc::permits function in dom/security/nsCSPUtils.cpp in Mozilla Firefox before 40.0 doe... | | |
| CVE-2015-4491 | Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, a... | | |
| CVE-2015-4492 | Use-after-free vulnerability in the XMLHttpRequest::Open implementation in Mozilla Firefox before 40... | | |
| CVE-2015-4493 | Heap-based buffer overflow in the stagefright::ESDS::parseESDescriptor function in libstagefright in... | | |
| CVE-2015-4494 | Mozilla Firefox OS before 2.2 does not require the wifi-manage privilege for reading a Wi-Fi system ... | | |
| CVE-2015-4495 | The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS befo... | KEV E S | |
| CVE-2015-4496 | Multiple integer overflows in libstagefright in Mozilla Firefox before 38.0 allow remote attackers t... | | |
| CVE-2015-4497 | Use-after-free vulnerability in the CanvasRenderingContext2D implementation in Mozilla Firefox befor... | | |
| CVE-2015-4498 | The add-on installation feature in Mozilla Firefox before 40.0.3 and Firefox ESR 38.x before 38.2.1 ... | | |
| CVE-2015-4499 | Util.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.15, 4.3.x and 4.4.x before 4.4.10, and 5.x before 5... | E S | |
| CVE-2015-4500 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 and Firefo... | | |
| CVE-2015-4501 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 41.0 allow remo... | | |
| CVE-2015-4502 | js/src/proxy/Proxy.cpp in Mozilla Firefox before 41.0 mishandles certain receiver arguments, which a... | | |
| CVE-2015-4503 | The TCP Socket API implementation in Mozilla Firefox before 41.0 mishandles array boundaries that we... | | |
| CVE-2015-4504 | The lut_inverse_interp16 function in the QCMS library in Mozilla Firefox before 41.0 allows remote a... | | |
| CVE-2015-4505 | updater.exe in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 on Windows allows local ... | | |
| CVE-2015-4506 | Buffer overflow in the vp9_init_context_buffers function in libvpx, as used in Mozilla Firefox befor... | | |
| CVE-2015-4507 | The SavedStacks class in the JavaScript implementation in Mozilla Firefox before 41.0, when the Debu... | | |
| CVE-2015-4508 | Mozilla Firefox before 41.0, when reader mode is enabled, allows remote attackers to spoof the relat... | | |
| CVE-2015-4509 | Use-after-free vulnerability in the HTMLVideoElement interface in Mozilla Firefox before 41.0 and Fi... | | |
| CVE-2015-4510 | Race condition in the WorkerPrivate::NotifyFeatures function in Mozilla Firefox before 41.0 allows r... | | |
| CVE-2015-4511 | Heap-based buffer overflow in the nestegg_track_codec_data function in Mozilla Firefox before 41.0 a... | | |
| CVE-2015-4512 | gfx/2d/DataSurfaceHelpers.cpp in Mozilla Firefox before 41.0 on Linux improperly attempts to use the... | | |
| CVE-2015-4513 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 and Firefo... | | |
| CVE-2015-4514 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 42.0 allow remo... | | |
| CVE-2015-4515 | Mozilla Firefox before 42.0, when NTLM v1 is enabled for HTTP authentication, allows remote attacker... | | |
| CVE-2015-4516 | Mozilla Firefox before 41.0 allows remote attackers to bypass certain ECMAScript 5 (aka ES5) API pro... | | |
| CVE-2015-4517 | NetworkUtils.cpp in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 might allow remote ... | | |
| CVE-2015-4518 | The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which makes... | | |
| CVE-2015-4519 | Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow user-assisted remote attackers to... | | |
| CVE-2015-4520 | Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 allow remote attackers to bypass CORS p... | | |
| CVE-2015-4521 | The ConvertDialogOptions function in Mozilla Firefox before 41.0 and Firefox ESR 38.x before 38.3 mi... | | |
| CVE-2015-4522 | The nsUnicodeToUTF8::GetMaxLength function in Mozilla Firefox before 41.0 and Firefox ESR 38.x befor... | | |
| CVE-2015-4523 | Blue Coat Malware Analysis Appliance (MAA) before 4.2.5 and Malware Analyzer G2 allow remote attacke... | | |
| CVE-2015-4524 | Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23... | | |
| CVE-2015-4525 | The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x throug... | | |
| CVE-2015-4526 | EMC RecoverPoint for Virtual Machines (VMs) 4.2 allows local users to obtain root-shell access by by... | | |
| CVE-2015-4527 | Directory traversal vulnerability in EMC Avamar Server 7.x before 7.1.2 and Avamar Virtual Addition ... | | |
| CVE-2015-4528 | Cross-site scripting (XSS) vulnerability in EMC Documentum CenterStage 1.2SP1 and 1.2SP2 allows remo... | | |
| CVE-2015-4529 | Open redirect vulnerability in EMC Documentum WebTop before 6.8P02, Documentum Administrator before ... | | |
| CVE-2015-4530 | Cross-site request forgery (CSRF) vulnerability in EMC Documentum WebTop before 6.8P01, Documentum A... | | |
| CVE-2015-4531 | EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, ... | | |
| CVE-2015-4532 | EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, ... | | |
| CVE-2015-4533 | EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 before P19, 7.1 before P16, ... | | |
| CVE-2015-4534 | Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 ... | | |
| CVE-2015-4535 | Java Method Server (JMS) in EMC Documentum Content Server before 6.7SP1 P32, 6.7SP2 before P25, 7.0 ... | | |
| CVE-2015-4536 | EMC Documentum Content Server before 7.0 P20, 7.1 before P18, and 7.2 before P02, when RPC tracing i... | | |
| CVE-2015-4537 | Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2.Lockbox... | | |
| CVE-2015-4538 | The XML parser in EMC Atmos before 2.2.3.426 and 2.3.x before 2.3.1.0 allows remote authenticated us... | | |
| CVE-2015-4539 | Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG... | | |
| CVE-2015-4540 | Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Identity Management & Governance (IMG... | | |
| CVE-2015-4541 | Multiple cross-site scripting (XSS) vulnerabilities in EMC RSA Archer GRC 5.x before 5.5.3 allow rem... | | |
| CVE-2015-4542 | EMC RSA Archer GRC 5.x before 5.5.3 allows remote authenticated users to bypass intended access rest... | | |
| CVE-2015-4543 | EMC RSA Archer GRC 5.x before 5.5.3 uses cleartext for stored passwords in unspecified circumstances... | | |
| CVE-2015-4544 | EMC Documentum Content Server before 7.1P20 and 7.2.x before 7.2P04 does not properly verify authori... | | |
| CVE-2015-4545 | EMC Isilon OneFS 7.1 before 7.1.1.8, 7.2.0 before 7.2.0.4, and 7.2.1 before 7.2.1.1 allows remote au... | | |
| CVE-2015-4546 | Directory traversal vulnerability in EMC RSA OneStep 6.9 before build 559, as used in RSA Certificat... | | |
| CVE-2015-4547 | EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration fi... | | |
| CVE-2015-4548 | EMC RSA Web Threat Detection before 5.1 SP1 allows local users to obtain root privileges by leveragi... | | |
| CVE-2015-4550 | The Cavium cryptographic-module firmware on Cisco Adaptive Security Appliance (ASA) devices with sof... | | |
| CVE-2015-4551 | LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 uses the stored LinkUpdateMode configura... | | |
| CVE-2015-4552 | Cross-site scripting (XSS) vulnerability in the quick edit function in xmlhttp.php in MyBB (aka MyBu... | E S | |
| CVE-2015-4553 | A file upload issue exists in DeDeCMS before 5.7-sp1, which allows malicious users getshell.... | E | |
| CVE-2015-4554 | Multiple unspecified vulnerabilities in TIBCO Spotfire Client and Spotfire Web Player Client in Spot... | | |
| CVE-2015-4555 | Buffer overflow in the HTTP administrative interface in TIBCO Rendezvous before 8.4.4, Rendezvous Ne... | | |
| CVE-2015-4556 | The string-translate* procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote a... | S | |
| CVE-2015-4557 | Cross-site scripting (XSS) vulnerability in the new_Twitter_sign_button function in nextend-Twitter-... | E | |
| CVE-2015-4559 | Cross-site scripting (XSS) vulnerability in the product deployment feature in the Java core web serv... | | |
| CVE-2015-4582 | The TheCartPress boot-store (aka Boot Store) theme 1.6.4 for WordPress allows header.php tcp_registe... | | |
| CVE-2015-4586 | Cross-site request forgery (CSRF) vulnerability in Alcatel-Lucent CellPipe 7130 RG 5Ae.M2013 HOL wit... | E | |
| CVE-2015-4587 | Cross-site scripting (XSS) vulnerability in the Alcatel-Lucent CellPipe 7130 router with firmware 1.... | E | |
| CVE-2015-4588 | Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to ... | E | |
| CVE-2015-4590 | The extractFrom function in Internals/QuotedString.cpp in Arduino JSON before 4.5 allows remote atta... | E | |
| CVE-2015-4591 | eClinicalWorks Population Health (CCMR) suffers from a cross site scripting vulnerability in login.j... | E | |
| CVE-2015-4592 | eClinicalWorks Population Health (CCMR) suffers from an SQL injection vulnerability in portalUserSer... | E | |
| CVE-2015-4593 | eClinicalWorks Population Health (CCMR) suffers from a cross-site request forgery (CSRF) vulnerabili... | E | |
| CVE-2015-4594 | eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When authenti... | E | |
| CVE-2015-4596 | Lenovo Mouse Suite before 6.73 allows local users to run arbitrary code with administrator privilege... | | |
| CVE-2015-4598 | PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack ... | | |
| CVE-2015-4599 | The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5... | E | |
| CVE-2015-4600 | The SoapClient implementation in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allo... | E | |
| CVE-2015-4601 | PHP before 5.6.7 might allow remote attackers to cause a denial of service (application crash) or po... | | |
| CVE-2015-4602 | The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x b... | E | |
| CVE-2015-4603 | The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x befor... | E | |
| CVE-2015-4604 | The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40... | E | |
| CVE-2015-4605 | The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.4... | E | |
| CVE-2015-4606 | Unrestricted file upload vulnerability in the Job Fair (jobfair) extension before 1.0.1 for TYPO3, w... | S | |
| CVE-2015-4607 | Unrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and ea... | S | |
| CVE-2015-4608 | Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and ear... | | |
| CVE-2015-4609 | SQL injection vulnerability in the wt_directory extension before 1.4.2 for TYPO3 allows remote authe... | S | |
| CVE-2015-4610 | SQL injection vulnerability in the Store Locator (locator) extension before 3.3.1 for TYPO3 allows r... | S | |
| CVE-2015-4611 | SQL injection vulnerability in the Smoelenboek (ncgov_smoelenboek) extension before 1.0.9 for TYPO3 ... | S | |
| CVE-2015-4612 | SQL injection vulnerability in the "FAQ - Frequently Asked Questions" (js_faq) extension before 1.2.... | S | |
| CVE-2015-4613 | SQL injection vulnerability in the backend module in the Developer Log (devlog) extension before 2.1... | S | |
| CVE-2015-4614 | Multiple SQL injection vulnerabilities in includes/Function.php in the Easy2Map plugin before 1.2.5 ... | E S | |
| CVE-2015-4615 | Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemp... | E | |
| CVE-2015-4616 | Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.... | E | |
| CVE-2015-4617 | Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php... | E | |
| CVE-2015-4619 | Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b659303267930... | S | |
| CVE-2015-4620 | name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when co... | | |
| CVE-2015-4624 | Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.... | E | |
| CVE-2015-4625 | Integer overflow in the authentication_agent_new_cookie function in PolicyKit (aka polkit) before 0.... | | |
| CVE-2015-4626 | B.A.S C2Box before 4.0.0 (r19171) relies on client-side validation, which allows remote attackers to... | E | |
| CVE-2015-4627 | SQL injection vulnerability in Pragyan CMS 3.0.... | | |
| CVE-2015-4628 | SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before... | | |
| CVE-2015-4629 | Huawei E5756S before V200R002B146D23SP00C00 allows remote attackers to read device configuration inf... | | |
| CVE-2015-4630 | Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x bef... | E | |
| CVE-2015-4631 | Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.1... | E | |
| CVE-2015-4632 | Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3... | E S | |
| CVE-2015-4633 | Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x ... | E | |
| CVE-2015-4634 | SQL injection vulnerability in graphs.php in Cacti before 0.8.8e allows remote attackers to execute ... | E | |
| CVE-2015-4637 | The REST API in F5 BIG-IQ Cloud, Device, and Security 4.4.0 and 4.5.0 before HF2 and ADC 4.5.0 befor... | | |
| CVE-2015-4638 | The FastL4 virtual server in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Link Controller, and... | | |
| CVE-2015-4639 | Cross-site scripting (XSS) vulnerability in opac-addbybiblionumber.pl in Koha 3.14.x before 3.14.16,... | | |
| CVE-2015-4640 | The SwiftKey language-pack update implementation on Samsung Galaxy S4, S4 Mini, S5, and S6 devices r... | E | |
| CVE-2015-4641 | Directory traversal vulnerability in the SwiftKey language-pack update implementation on Samsung Gal... | E | |
| CVE-2015-4642 | The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.... | E | |
| CVE-2015-4643 | Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5... | E S | |
| CVE-2015-4644 | The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.... | | |
| CVE-2015-4645 | Integer overflow in the read_fragment_table_4 function in unsquash-4.c in Squashfs and sasquatch all... | | |
| CVE-2015-4646 | (1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch... | | |
| CVE-2015-4647 | Multiple stack-based buffer overflows in Ipropsapi in Panasonic Security API (PS-API) ActiveX SDK be... | S | |
| CVE-2015-4648 | Stack-based buffer overflow in the Ipropsapi.ipropsapiCtrl.1 ActiveX control in ipropsapivideo in Pa... | S | |
| CVE-2015-4649 | Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authentica... | | |
| CVE-2015-4650 | Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers ... | | |
| CVE-2015-4651 | The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissect... | | |
| CVE-2015-4652 | epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does... | | |
| CVE-2015-4654 | SQL injection vulnerability in the EQ Event Calendar component for Joomla! allows remote attackers t... | E | |
| CVE-2015-4655 | Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) before 5.2-5565 Updat... | E | |
| CVE-2015-4656 | Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station before 6.3-2945 allow ... | E | |
| CVE-2015-4657 | Cross-site scripting (XSS) vulnerability in Mailbird 2.0.16.0 and earlier allows remote attackers to... | | |
| CVE-2015-4658 | Multiple SQL injection vulnerabilities in admin/login.php in Milw0rm Clone Script 1.0 allow remote a... | E | |
| CVE-2015-4659 | Cross-site request forgery (CSRF) vulnerability in ClickHeat 1.14 and earlier allows remote attacker... | E | |
| CVE-2015-4660 | Cross-site scripting (XSS) vulnerability in Enhanced SQL Portal 5.0.7961 allows remote attackers to ... | E | |
| CVE-2015-4661 | Cross-site scripting (XSS) vulnerability in Symphony CMS 2.6.2 allows remote attackers to inject arb... | E | |
| CVE-2015-4664 | An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allow... | E | |
| CVE-2015-4665 | Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and earlier allo... | E | |
| CVE-2015-4666 | Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier ... | E | |
| CVE-2015-4667 | Multiple hardcoded credentials in Xsuite 2.x.... | E | |
| CVE-2015-4668 | Open redirect vulnerability in Xsuite 2.4.4.5 and earlier allows remote attackers to redirect users ... | E | |
| CVE-2015-4669 | The MySQL "root" user in Xsuite 2.x does not have a password set, which allows local users to access... | E | |
| CVE-2015-4670 | Directory traversal vulnerability in the AjaxFileUpload control in DevExpress AJAX Control Toolkit (... | E | |
| CVE-2015-4671 | Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to injec... | E S | |
| CVE-2015-4673 | Multiple cross-site scripting (XSS) vulnerabilities in ClipBucket 2.7.0.5 allow remote authenticated... | | |
| CVE-2015-4674 | The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer fil... | E | |
| CVE-2015-4675 | Buffer overflow in the Tiny SRP library (aka TinySRP) allows remote attackers to cause a denial of s... | E | |
| CVE-2015-4676 | SQL injection vulnerability in ticket.php in TickFa 1.x allows remote authenticated users to execute... | E | |
| CVE-2015-4677 | Cross-site request forgery (CSRF) vulnerability in FiverrScript (aka Fiverr Script) 7.2 allows remot... | E | |
| CVE-2015-4678 | SQL injection vulnerability in Persian Car CMS 1.0 allows remote attackers to execute arbitrary SQL ... | E | |
| CVE-2015-4679 | Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Airties RT-210 allow rem... | E | |
| CVE-2015-4680 | FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermedi... | S | |
| CVE-2015-4681 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified i... | E | |
| CVE-2015-4682 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows remote authenticated users to obt... | E | |
| CVE-2015-4683 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows attackers to obtain sensitive inf... | E | |
| CVE-2015-4684 | Multiple directory traversal vulnerabilities in Polycom RealPresence Resource Manager (aka RPRM) bef... | E | |
| CVE-2015-4685 | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the pl... | E | |
| CVE-2015-4687 | Cross-site scripting (XSS) vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 allow... | | |
| CVE-2015-4688 | Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allow remote attackers to enumerate u... | | |
| CVE-2015-4689 | Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows remote attackers to reset arbi... | | |
| CVE-2015-4692 | The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows lo... | | |
| CVE-2015-4694 | Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for Wor... | E S | |
| CVE-2015-4695 | meta.h in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (out-of-bounds read) v... | E | |
| CVE-2015-4696 | Use-after-free vulnerability in libwmf 0.2.8.4 allows remote attackers to cause a denial of service ... | E | |
| CVE-2015-4697 | Cross-site request forgery (CSRF) vulnerability in Google Analyticator Wordpress Plugin before 6.4.9... | | |
| CVE-2015-4699 | Cross-site scripting (XSS) vulnerability in the Splash Portal in Cloud4Wi before 5.9.7 allows remote... | E | |
| CVE-2015-4700 | The bpf_int_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 4.0.6 all... | | |
| CVE-2015-4703 | Absolute path traversal vulnerability in mysqldump_download.php in the WordPress Rename plugin 1.0 f... | E S | |
| CVE-2015-4704 | Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows re... | E | |
| CVE-2015-4706 | Cross-site scripting (XSS) vulnerability in IPython 3.x before 3.2 allows remote attackers to inject... | S | |
| CVE-2015-4707 | Cross-site scripting (XSS) vulnerability in IPython before 3.2 allows remote attackers to inject arb... | S | |
| CVE-2015-4709 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2015-4713 | SQL injection vulnerability in ApPHP Hotel Site 3.x.x allows remote editors to execute arbitrary SQL... | E | |
| CVE-2015-4714 | Cross-site scripting (XSS) vulnerability in the DreamBox DM500-S allows remote attackers to inject a... | E | |
| CVE-2015-4715 | The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x be... | S | |
| CVE-2015-4716 | Directory traversal vulnerability in the routing component in ownCloud Server before 7.0.6 and 8.0.x... | | |
| CVE-2015-4717 | The filename sanitization component in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x b... | | |
| CVE-2015-4718 | The external SMB storage driver in ownCloud Server before 6.0.8, 7.0.x before 7.0.6, and 8.0.x befor... | | |
| CVE-2015-4719 | The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain ... | | |
| CVE-2015-4720 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4721 | Multiple cross-site scripting (XSS) vulnerabilities in Concrete5 5.7.3.1.... | | |
| CVE-2015-4724 | SQL injection vulnerability in Concrete5 5.7.3.1.... | | |
| CVE-2015-4725 | Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote attackers t... | E | |
| CVE-2015-4726 | PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote atta... | E | |
| CVE-2015-4727 | Unspecified vulnerability in Oracle Virtualization Sun Ray Software before 5.4.4 allows remote attac... | S | |
| CVE-2015-4728 | Unspecified vulnerability in the Oracle Sourcing component in Oracle E-Business Suite 12.1.1, 12.1.2... | S | |
| CVE-2015-4729 | Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confiden... | S | |
| CVE-2015-4730 | Unspecified vulnerability in Oracle MySQL 5.6.20 and earlier allows remote authenticated users to af... | | |
| CVE-2015-4731 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE... | S | |
| CVE-2015-4732 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33... | S | |
| CVE-2015-4733 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33... | S | |
| CVE-2015-4734 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows ... | | |
| CVE-2015-4735 | Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterpri... | S | |
| CVE-2015-4736 | Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confiden... | S | |
| CVE-2015-4737 | Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier, and 5.6.23 and earlier, allows ... | S | |
| CVE-2015-4738 | Unspecified vulnerability in the PeopleSoft Enterprise HCM Candidate Gateway component in Oracle Peo... | S | |
| CVE-2015-4739 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | S | |
| CVE-2015-4740 | Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11... | S | |
| CVE-2015-4741 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ... | S | |
| CVE-2015-4742 | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0,... | S | |
| CVE-2015-4743 | Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3... | S | |
| CVE-2015-4744 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1... | S | |
| CVE-2015-4745 | Unspecified vulnerability in the Oracle Endeca Information Discovery Studio component in Oracle Fusi... | S | |
| CVE-2015-4746 | Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component in ... | S | |
| CVE-2015-4747 | Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.... | S | |
| CVE-2015-4748 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embed... | S | |
| CVE-2015-4749 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embed... | S | |
| CVE-2015-4750 | Unspecified vulnerability in the Oracle VM Server for SPARC component in Oracle Sun Systems Products... | S | |
| CVE-2015-4751 | Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.... | S | |
| CVE-2015-4752 | Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows re... | S | |
| CVE-2015-4753 | Unspecified vulnerability in the RDBMS Support Tools component in Oracle Database Server 11.2.0.3, 1... | S | |
| CVE-2015-4754 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4755 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows ... | S | |
| CVE-2015-4756 | Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated user... | S | |
| CVE-2015-4757 | Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier and 5.6.23 and earlier allows re... | S | |
| CVE-2015-4758 | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1... | S | |
| CVE-2015-4759 | Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1... | S | |
| CVE-2015-4760 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect c... | S | |
| CVE-2015-4761 | Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated user... | S | |
| CVE-2015-4762 | Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 12.2.3... | | |
| CVE-2015-4763 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.... | S | |
| CVE-2015-4764 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4765 | Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12... | S | |
| CVE-2015-4766 | Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect ava... | | |
| CVE-2015-4767 | Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated user... | S | |
| CVE-2015-4768 | Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P... | S | |
| CVE-2015-4769 | Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated user... | S | |
| CVE-2015-4770 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availabilit... | S | |
| CVE-2015-4771 | Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated user... | S | |
| CVE-2015-4772 | Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated user... | S | |
| CVE-2015-4773 | Unspecified vulnerability in the Hyperion Common Security component in Oracle Hyperion 11.1.2.2, 11.... | S | |
| CVE-2015-4774 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4775 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4776 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4777 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4778 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4779 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4780 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4781 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4782 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4783 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4784 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4785 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4786 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4787 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4788 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4789 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4790 | Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42... | S | |
| CVE-2015-4791 | Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated user... | | |
| CVE-2015-4792 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re... | S | |
| CVE-2015-4793 | Unspecified vulnerability in the Oracle Communications Convergence component in Oracle Communication... | | |
| CVE-2015-4794 | Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and... | | |
| CVE-2015-4795 | Unspecified vulnerability in the Oracle Utilities Work and Asset Management component in Oracle Indu... | | |
| CVE-2015-4796 | Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and... | | |
| CVE-2015-4797 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.... | | |
| CVE-2015-4798 | Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business... | S | |
| CVE-2015-4799 | Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 7.6.2,... | | |
| CVE-2015-4800 | Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated user... | S | |
| CVE-2015-4801 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality vi... | | |
| CVE-2015-4802 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re... | S | |
| CVE-2015-4803 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRocki... | | |
| CVE-2015-4804 | Unspecified vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Management component i... | | |
| CVE-2015-4805 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | | |
| CVE-2015-4806 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | | |
| CVE-2015-4807 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when run... | S | |
| CVE-2015-4808 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
| CVE-2015-4809 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
| CVE-2015-4810 | Unspecified vulnerability in Oracle Java SE 7u85 and 8u60 allows local users to affect confidentiali... | | |
| CVE-2015-4811 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
| CVE-2015-4812 | Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.9 a... | | |
| CVE-2015-4813 | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox ... | | |
| CVE-2015-4814 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4815 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re... | S | |
| CVE-2015-4816 | Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier allows remote authenticated user... | S | |
| CVE-2015-4817 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i... | | |
| CVE-2015-4818 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | | |
| CVE-2015-4819 | Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows ... | S | |
| CVE-2015-4820 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i... | | |
| CVE-2015-4821 | Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun System... | | |
| CVE-2015-4822 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via u... | | |
| CVE-2015-4823 | Unspecified vulnerability in the Hyperion Installation Technology component in Oracle Hyperion 11.1.... | | |
| CVE-2015-4824 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.... | | |
| CVE-2015-4825 | Unspecified vulnerability in the PeopleSoft Enterprise FIN Expenses component in Oracle PeopleSoft P... | | |
| CVE-2015-4826 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re... | S | |
| CVE-2015-4827 | Unspecified vulnerability in the Oracle Retail Open Commerce Platform component in Oracle Retail App... | | |
| CVE-2015-4828 | Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft Products ... | | |
| CVE-2015-4829 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-0638. Reason: This candida... | R | |
| CVE-2015-4830 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re... | S | |
| CVE-2015-4831 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect availability via u... | | |
| CVE-2015-4832 | Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.... | | |
| CVE-2015-4833 | Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated user... | | |
| CVE-2015-4834 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i... | | |
| CVE-2015-4835 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | | |
| CVE-2015-4836 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows ... | S | |
| CVE-2015-4837 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i... | | |
| CVE-2015-4838 | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0,... | S | |
| CVE-2015-4839 | Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business... | S | |
| CVE-2015-4840 | Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote ... | S | |
| CVE-2015-4841 | Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM IP201... | S | |
| CVE-2015-4842 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | S | |
| CVE-2015-4843 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | S | |
| CVE-2015-4844 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | S | |
| CVE-2015-4845 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | S | |
| CVE-2015-4846 | Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11... | S | |
| CVE-2015-4847 | Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite... | | |
| CVE-2015-4848 | Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite... | S | |
| CVE-2015-4849 | Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 11.5.10.2, 12.... | S | |
| CVE-2015-4850 | Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9... | S | |
| CVE-2015-4851 | Unspecified vulnerability in the Oracle iSupplier Portal component in Oracle E-Business Suite 12.0.6... | S | |
| CVE-2015-4852 | The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allo... | KEV E S | |
| CVE-2015-4853 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4854 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | S | |
| CVE-2015-4855 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4856 | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox ... | S | |
| CVE-2015-4857 | Unspecified vulnerability in the RDBMS component in Oracle Database Server 12.1.0.1 and 12.1.0.2 all... | S | |
| CVE-2015-4858 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows ... | S | |
| CVE-2015-4859 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man... | S | |
| CVE-2015-4860 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | S | |
| CVE-2015-4861 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows ... | S | |
| CVE-2015-4862 | Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated user... | S | |
| CVE-2015-4863 | Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, ... | S | |
| CVE-2015-4864 | Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows re... | S | |
| CVE-2015-4865 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ... | S | |
| CVE-2015-4866 | Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user... | S | |
| CVE-2015-4867 | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1... | S | |
| CVE-2015-4868 | Unspecified vulnerability in Oracle Java SE 8u60 and Java SE Embedded 8u51 allows remote attackers t... | S | |
| CVE-2015-4869 | Unspecified vulnerability in Oracle Sun Solaris 10 and 11.2 allows local users to affect availabilit... | S | |
| CVE-2015-4870 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier, and 5.6.26 and earlier, allows ... | E S | |
| CVE-2015-4871 | Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality a... | S | |
| CVE-2015-4872 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRocki... | S | |
| CVE-2015-4873 | Unspecified vulnerability in the Database Scheduler component in Oracle Database Server 11.2.0.4, 12... | S | |
| CVE-2015-4874 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man... | S | |
| CVE-2015-4875 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man... | S | |
| CVE-2015-4876 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Pr... | S | |
| CVE-2015-4877 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | E S | |
| CVE-2015-4878 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | E S | |
| CVE-2015-4879 | Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows ... | S | |
| CVE-2015-4880 | Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1... | S | |
| CVE-2015-4881 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | S | |
| CVE-2015-4882 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | S | |
| CVE-2015-4883 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | S | |
| CVE-2015-4884 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su... | S | |
| CVE-2015-4885 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Man... | | |
| CVE-2015-4886 | Unspecified vulnerability in the Oracle Report Manager component in Oracle E-Business Suite 11.5.10.... | S | |
| CVE-2015-4887 | Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9... | S | |
| CVE-2015-4888 | Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and... | S | |
| CVE-2015-4889 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4890 | Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated user... | S | |
| CVE-2015-4891 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i... | S | |
| CVE-2015-4892 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.... | S | |
| CVE-2015-4893 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRocki... | S | |
| CVE-2015-4894 | Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server 10.3.... | S | |
| CVE-2015-4895 | Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated user... | | |
| CVE-2015-4896 | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox ... | S | |
| CVE-2015-4897 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4898 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ... | | |
| CVE-2015-4899 | Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1... | | |
| CVE-2015-4900 | Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12... | | |
| CVE-2015-4901 | Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, ... | | |
| CVE-2015-4902 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect ... | KEV S | |
| CVE-2015-4903 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows... | | |
| CVE-2015-4904 | Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated user... | | |
| CVE-2015-4905 | Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated user... | | |
| CVE-2015-4906 | Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect... | | |
| CVE-2015-4907 | Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality, i... | | |
| CVE-2015-4908 | Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect... | | |
| CVE-2015-4909 | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0,... | | |
| CVE-2015-4910 | Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated user... | | |
| CVE-2015-4911 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRocki... | | |
| CVE-2015-4912 | Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.... | | |
| CVE-2015-4913 | Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows re... | S | |
| CVE-2015-4914 | Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, ... | | |
| CVE-2015-4915 | Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun System... | | |
| CVE-2015-4916 | Unspecified vulnerability in Oracle Java SE 8u60 and JavaFX 2.2.85 allows remote attackers to affect... | | |
| CVE-2015-4917 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.... | | |
| CVE-2015-4918 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2015-4919 | Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Produ... | | |
| CVE-2015-4920 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect integrity via vector... | | |
| CVE-2015-4921 | Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0... | | |
| CVE-2015-4922 | Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via vec... | | |
| CVE-2015-4923 | Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.... | | |
| CVE-2015-4924 | Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.... | | |
| CVE-2015-4925 | Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allo... | | |
| CVE-2015-4926 | Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ... | | |
| CVE-2015-4927 | The Reporting and Monitoring component in Tivoli Monitoring in IBM Tivoli Storage Manager 6.3 before... | | |
| CVE-2015-4928 | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, includes cleartext p... | | |
| CVE-2015-4929 | IBM License Metric Tool 9 before 9.2.1.0 and Endpoint Manager for Software Use Analysis 9 before 9.2... | | |
| CVE-2015-4930 | IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote authentica... | S | |
| CVE-2015-4931 | Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1... | S | |
| CVE-2015-4932 | Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1... | S | |
| CVE-2015-4933 | Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1... | S | |
| CVE-2015-4934 | Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1... | S | |
| CVE-2015-4935 | Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1... | S | |
| CVE-2015-4936 | Unspecified vulnerability in IBM WebSphere eXtreme Scale 8.6 through 8.6.0.8 allows remote attackers... | S | |
| CVE-2015-4938 | IBM WebSphere Application Server 7.x before 7.0.0.39, 8.0.x before 8.0.0.11, and 8.5.x before 8.5.5.... | | |
| CVE-2015-4939 | Cross-site scripting (XSS) vulnerability in IBM Emptoris Supplier Lifecycle Management and Emptoris ... | S | |
| CVE-2015-4940 | Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a cleartext B... | | |
| CVE-2015-4941 | IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS handshakes, which allows remote a... | | |
| CVE-2015-4942 | IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR s... | | |
| CVE-2015-4943 | IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR s... | | |
| CVE-2015-4944 | Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 ... | S | |
| CVE-2015-4945 | Unspecified vulnerability in the IBM Maximo Anywhere application 7.5.1 through 7.5.1.2 for Android a... | S | |
| CVE-2015-4946 | Rational LifeCycle Project Administration in Jazz Team Server in IBM Rational Collaborative Lifecycl... | | |
| CVE-2015-4947 | Stack-based buffer overflow in the Administration Server in IBM HTTP Server 6.1.0.x through 6.1.0.47... | | |
| CVE-2015-4948 | netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows lo... | | |
| CVE-2015-4949 | IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 7.1 before 7.1.2,... | S | |
| CVE-2015-4950 | The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Ex... | S | |
| CVE-2015-4951 | Client Acceptor Daemon (CAD) in the client in IBM Spectrum Protect (formerly Tivoli Storage Manager)... | S | |
| CVE-2015-4952 | The on-demand plugin in IBM Endpoint Manager for Remote Control 9.0.1 and 9.1.0 allows user-assisted... | | |
| CVE-2015-4953 | IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for man-i... | S | |
| CVE-2015-4954 | IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 improperly allows self-si... | S | |
| CVE-2015-4955 | Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 8.0.x through 8.0.1.3... | S | |
| CVE-2015-4956 | The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated use... | | |
| CVE-2015-4957 | Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 ... | | |
| CVE-2015-4958 | IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, ... | | |
| CVE-2015-4959 | Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 befor... | | |
| CVE-2015-4960 | IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, ... | | |
| CVE-2015-4961 | IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0 and 9... | | |
| CVE-2015-4962 | Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x and... | | |
| CVE-2015-4963 | IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HT... | | |
| CVE-2015-4964 | IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before 6.1.1.8, and 6.1.2 writes admin... | S | |
| CVE-2015-4965 | maximouiweb/webmodule/webclient/utility/merlin.jsp in IBM Maximo Asset Management 7.1 through 7.1.1.... | | |
| CVE-2015-4966 | IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.9 FP009, and 7.6.0 before 7.6.0... | | |
| CVE-2015-4967 | SQL injection vulnerability in IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.... | S | |
| CVE-2015-4968 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2015-4971 | Cross-site scripting (XSS) vulnerability in IBM Emptoris Strategic Supply Management Platform and Em... | S | |
| CVE-2015-4973 | Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0... | S | |
| CVE-2015-4974 | IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum ... | S | |
| CVE-2015-4980 | Unspecified vulnerability in IBM WebSphere Commerce 7.0.0.6 through 7.0.0.9 allows remote authentica... | S | |
| CVE-2015-4981 | IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and Spectrum ... | S | |
| CVE-2015-4987 | The search and replay servers in IBM Tealeaf Customer Experience 8.0 through 9.0.2 allow remote atta... | | |
| CVE-2015-4988 | Directory traversal vulnerability in the replay server in IBM Tealeaf Customer Experience before 8.7... | S | |
| CVE-2015-4989 | The portal in IBM Tealeaf Customer Experience before 8.7.1.8814, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0... | | |
| CVE-2015-4990 | The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9.0.0... | | |
| CVE-2015-4991 | IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through FP1 ... | | |
| CVE-2015-4992 | IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickj... | S | |
| CVE-2015-4993 | Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 t... | | |
| CVE-2015-4994 | Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3... | S | |
| CVE-2015-4996 | IBM Rational ClearQuest 7.1.x and 8.0.0.x before 8.0.0.17 and 8.0.1.x before 8.0.1.10 allows local u... | | |
| CVE-2015-4997 | IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restriction... | S | |
| CVE-2015-4998 | Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 t... | |