CVE-2015-5xxx

There are 936 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2015-5001 IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 C...
CVE-2015-5002 Cross-site scripting (XSS) vulnerability in IBM Host On-Demand 11.0 through 11.0.14 allows remote at...
CVE-2015-5003 The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before FP7...
CVE-2015-5004 The Edge Component Caching Proxy in IBM WebSphere Application Server (WAS) 8.0 before 8.0.0.12 and 8...
CVE-2015-5005 CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an...
CVE-2015-5006 IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3 FP20,...
CVE-2015-5007 Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Commerce 6.0 through 6.0.0.11, 7.0 ...
CVE-2015-5008 Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through FP11, 6.0 Feature Pac...
CVE-2015-5009 Cross-site scripting (XSS) vulnerability in IBM WebSphere Commerce 6.0 through FP11, 6.0 Feature Pac...
S
CVE-2015-5010 IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9....
S
CVE-2015-5011 IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check auth...
S
CVE-2015-5012 The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 ...
S
CVE-2015-5013 The IBM Security Access Manager appliance includes configuration files that contain obfuscated plain...
S
CVE-2015-5014 IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle...
S
CVE-2015-5015 IBM WebSphere Commerce Enterprise 7.0.0.9 and 8.x before Feature Pack 8 allows remote attackers to o...
CVE-2015-5016 IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Contr...
S
CVE-2015-5017 IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before 7.6...
CVE-2015-5018 IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Acces...
CVE-2015-5019 IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow ...
CVE-2015-5020 The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote aut...
CVE-2015-5021 IBM InfoSphere Information Server 11.3 and 11.5 allows remote authenticated DataStage users to bypas...
S
CVE-2015-5022 IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2...
S
CVE-2015-5023 SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote au...
CVE-2015-5024 IBM Emptoris Sourcing 10.0.2.0 before iFix6, 10.0.2.2 before iFix11, 10.0.2.3, 10.0.2.5 before iFix4...
S
CVE-2015-5035 Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, ...
CVE-2015-5036 Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, ...
CVE-2015-5037 Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 befor...
CVE-2015-5038 IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 does not ...
CVE-2015-5039 The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before...
CVE-2015-5040 Buffer overflow in IBM Domino 8.5.1 through 8.5.3 before 8.5.3 FP6 IF10 and 9.x before 9.0.1 FP4 IF3...
S
CVE-2015-5041 The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR...
CVE-2015-5042 IBM Emptoris Contract Management 9.5.0.x before 9.5.0.6 iFix15, 10.0.0.x and 10.0.1.x before 10.0.1....
CVE-2015-5043 diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, 9.5, and 10.0 before p6015 al...
CVE-2015-5044 The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7...
CVE-2015-5045 The Administration and Reporting tool in IBM Rational License Key Server (RLKS) before 8.1.4.9 iFix ...
CVE-2015-5049 SQL injection vulnerability in the API in IBM OpenPages GRC Platform 7.0 before 7.0.0.4 IF3 and 7.1 ...
CVE-2015-5050 Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x before 9...
CVE-2015-5051 IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Manag...
CVE-2015-5052 SQL injection vulnerability in Sefrengo before 1.6.5 beta2....
CVE-2015-5053 The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and R352 b...
CVE-2015-5054 Open redirect vulnerability in Ellucian (formerly SunGard) Banner Student 8.5.1.2 through 8.7 allows...
CVE-2015-5057 Cross-site scripting (XSS) vulnerability exists in the WordPress admin panel when the Broken Link Ch...
CVE-2015-5058 Memory leak in the virtual server component in F5 Big-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM, Li...
CVE-2015-5059 The "Project Documentation" feature in MantisBT 1.2.19 and earlier, when the threshold to access fil...
S
CVE-2015-5060 Cross-site scripting (XSS) vulnerability in anchor-cms before 0.9-dev....
E
CVE-2015-5061 Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112 an...
E
CVE-2015-5062 Open redirect vulnerability in SilverStripe CMS & Framework 3.1.13 allows remote attackers to redire...
E
CVE-2015-5063 Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe CMS & Framework 3.1.13 allow rem...
E
CVE-2015-5064 Multiple cross-site scripting (XSS) vulnerabilities in MySql Lite Administrator (mysql-lite-administ...
E
CVE-2015-5065 Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Curre...
E S
CVE-2015-5066 Multiple cross-site scripting (XSS) vulnerabilities in the MetalGenix GeniXCMS 0.0.3 allow remote at...
E
CVE-2015-5067 The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentia...
CVE-2015-5068 XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arb...
CVE-2015-5069 The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in fi...
S
CVE-2015-5070 The (1) filesystem::get_wml_location function in filesystem.cpp and (2) is_legal_file function in fi...
S
CVE-2015-5071 AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Serve...
CVE-2015-5072 The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System ...
CVE-2015-5073 Heap-based buffer overflow in the find_fixedlength function in pcre_compile.c in PCRE before 8.38 al...
E
CVE-2015-5074 Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/Fi...
E
CVE-2015-5075 Cross-site request forgery (CSRF) vulnerability in X2Engine X2CRM before 5.2 allows remote attackers...
E
CVE-2015-5076 Multiple cross-site scripting (XSS) vulnerabilities in X2Engine X2CRM before 5.0.9 allow remote atta...
E
CVE-2015-5078 SQL injection vulnerability in the insert function in application/controllers/admin/dataentry.php in...
CVE-2015-5079 Directory traversal vulnerability in widgets/logs.php in BlackCat CMS before 1.1.2 allows remote att...
E
CVE-2015-5080 The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gat...
CVE-2015-5081 Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allo...
CVE-2015-5082 Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell metachara...
E
CVE-2015-5084 The Siemens SIMATIC WinCC Sm@rtClient and Sm@rtClient Lite applications before 01.00.01.00 for Andro...
S
CVE-2015-5085 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5086 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5087 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5088 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5089 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5090 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5091 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5092 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5093 Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and...
S
CVE-2015-5094 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5095 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12...
S
CVE-2015-5096 Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...
S
CVE-2015-5097 Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat an...
S
CVE-2015-5098 Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...
S
CVE-2015-5099 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12...
S
CVE-2015-5100 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5101 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12...
S
CVE-2015-5102 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5103 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5104 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5105 Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, ...
S
CVE-2015-5106 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5107 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5108 Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat an...
S
CVE-2015-5109 Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat an...
S
CVE-2015-5110 Stack-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12,...
S
CVE-2015-5111 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12...
S
CVE-2015-5112 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5113 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12...
S
CVE-2015-5114 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12...
S
CVE-2015-5115 Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5116 Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and...
E S
CVE-2015-5117 Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18...
S
CVE-2015-5118 Heap-based buffer overflow in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0...
S
CVE-2015-5119 Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Ad...
KEV E S
CVE-2015-5120 Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2015-5121 Adobe Shockwave Player before 12.1.9.159 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2015-5122 Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation i...
KEV E
CVE-2015-5123 Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in A...
KEV
CVE-2015-5124 Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and...
CVE-2015-5125 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5126 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5127 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
E S
CVE-2015-5128 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-5129 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11...
S
CVE-2015-5130 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
E S
CVE-2015-5131 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 ...
E S
CVE-2015-5132 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 ...
E S
CVE-2015-5133 Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 ...
E S
CVE-2015-5134 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
E S
CVE-2015-5143 The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x bef...
S
CVE-2015-5144 Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 uses an incorr...
CVE-2015-5145 validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of se...
CVE-2015-5146 ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with ...
M
CVE-2015-5147 Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3...
CVE-2015-5148 SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL com...
E
CVE-2015-5149 Directory traversal vulnerability in Zoho ManageEngine SupportCenter Plus 7.90 allows remote authent...
E
CVE-2015-5150 Multiple cross-site scripting (XSS) vulnerabilities in Zoho ManageEngine SupportCenter Plus 7.90 all...
E
CVE-2015-5151 Cross-site scripting (XSS) vulnerability in the Slider Revolution (revslider) plugin 4.2.2 for WordP...
E
CVE-2015-5152 Foreman after 1.1 and before 1.9.0-RC1 does not redirect HTTP requests to HTTPS when the require_ssl...
M
CVE-2015-5153 Pulp does not remove permissions for named objects upon deletion, which allows authenticated users t...
CVE-2015-5154 Heap-based buffer overflow in the IDE subsystem in QEMU, as used in Xen 4.5.x and earlier, when the ...
S
CVE-2015-5155 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3609. Reason: This candidate...
R
CVE-2015-5156 The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to su...
CVE-2015-5157 arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET fa...
CVE-2015-5158 Stack-based buffer overflow in hw/scsi/scsi-bus.c in QEMU, when built with SCSI-device emulation sup...
CVE-2015-5159 python-kdcproxy before 0.3.2 allows remote attackers to cause a denial of service via a large POST r...
S
CVE-2015-5160 libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device ...
CVE-2015-5161 The Zend_Xml_Security::scan in ZendXml before 1.0.1 and Zend Framework before 1.12.14, 2.x before 2....
E
CVE-2015-5162 The image parser in OpenStack Cinder 7.0.2 and 8.0.0 through 8.1.1; Glance before 11.0.1 and 12.0.0;...
E
CVE-2015-5163 The import task action in OpenStack Image Service (Glance) 2015.1.x before 2015.1.2 (kilo), when usi...
CVE-2015-5164 The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote...
CVE-2015-5165 The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x...
S
CVE-2015-5166 Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated bl...
S
CVE-2015-5167 The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass inte...
CVE-2015-5168 Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server 5.3.x before 5...
CVE-2015-5169 Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20....
CVE-2015-5170 Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elast...
CVE-2015-5171 The password change functionality in Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, ...
CVE-2015-5172 Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elast...
CVE-2015-5173 Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elast...
CVE-2015-5174 Directory traversal vulnerability in RequestUtil.java in Apache Tomcat 6.x before 6.0.45, 7.x before...
CVE-2015-5175 Application plugins in Apache CXF Fediz before 1.1.3 and 1.2.x before 1.2.1 allow remote attackers t...
S
CVE-2015-5176 The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not prope...
CVE-2015-5177 Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 all...
E S
CVE-2015-5178 The Management Console in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly...
CVE-2015-5179 FreeIPA might display user data improperly via vectors involving non-printable characters....
E
CVE-2015-5180 res_query in libresolv in glibc before 2.25 allows remote attackers to cause a denial of service (NU...
S
CVE-2015-5181 The JBoss console in A-MQ allows remote attackers to execute arbitrary JavaScript....
CVE-2015-5182 Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ....
CVE-2015-5183 Console: HTTPOnly and Secure attributes not set on cookies in Red Hat AMQ....
CVE-2015-5184 Console: CORS headers set to allow all in Red Hat AMQ....
CVE-2015-5185 The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers...
E
CVE-2015-5186 Audit before 2.4.4 in Linux does not sanitize escape characters in filenames....
CVE-2015-5187 Candlepin allows remote attackers to obtain sensitive information by obtaining Java exception statem...
CVE-2015-5188 Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterpri...
CVE-2015-5189 Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, whic...
CVE-2015-5190 The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary co...
CVE-2015-5191 VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use...
CVE-2015-5192 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-5195. Reason: This candida...
R
CVE-2015-5193 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7703. Reason: This candida...
R
CVE-2015-5194 The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attacke...
S
CVE-2015-5195 ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service ...
S
CVE-2015-5196 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7703. Reason: This candidate...
R
CVE-2015-5197 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-5198 libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privi...
CVE-2015-5199 Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain priv...
CVE-2015-5200 The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allow...
CVE-2015-5201 VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-201...
CVE-2015-5202 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-5233. Reason: This candidate...
R
CVE-2015-5203 Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote at...
CVE-2015-5204 CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file-transfe...
CVE-2015-5205 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-5206 Unspecified vulnerability in the HTTP/2 experimental feature in Apache Traffic Server before 5.3.x b...
CVE-2015-5207 Apache Cordova iOS before 4.0.0 might allow attackers to bypass a URL whitelist protection mechanism...
CVE-2015-5208 Apache Cordova iOS before 4.0.0 allows remote attackers to execute arbitrary plugins via a link....
CVE-2015-5209 Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user...
M
CVE-2015-5210 Open redirect vulnerability in Apache Ambari before 2.1.2 allows remote attackers to redirect users ...
CVE-2015-5211 Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and olde...
E
CVE-2015-5212 Integer underflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2, when the configura...
CVE-2015-5213 Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attack...
CVE-2015-5214 LibreOffice before 4.4.6 and 5.x before 5.0.1 and Apache OpenOffice before 4.1.2 allows remote attac...
CVE-2015-5215 The default configuration of the Jinja templating engine used in the Identity Provider (IdP) server ...
S
CVE-2015-5216 The Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain ch...
S
CVE-2015-5217 providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does no...
CVE-2015-5218 Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cau...
E S
CVE-2015-5219 The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions fr...
S
CVE-2015-5220 The Web Console in Red Hat Enterprise Application Platform (EAP) before 6.4.4 and WildFly (formerly ...
S
CVE-2015-5221 Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasP...
S
CVE-2015-5222 Red Hat OpenShift Enterprise 3.0.0.0 does not properly check permissions, which allows remote authen...
CVE-2015-5223 OpenStack Object Storage (Swift) before 2.4.0 allows attackers to obtain sensitive information via a...
CVE-2015-5224 The mkostemp function in login-utils in util-linux when used incorrectly allows remote attackers to ...
S
CVE-2015-5225 Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before ...
S
CVE-2015-5226 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-5227 The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary cod...
CVE-2015-5228 The service daemon in CRIU creates log and dump files insecurely, which allows local users to create...
CVE-2015-5229 The calloc function in the glibc package in Red Hat Enterprise Linux (RHEL) 6.7 and 7.2 does not pro...
CVE-2015-5230 The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4....
CVE-2015-5231 The service daemon in CRIU does not properly restrict access to non-dumpable processes, which allows...
CVE-2015-5232 Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0.0.197....
S
CVE-2015-5233 Foreman before 1.8.4 and 1.9.x before 1.9.1 do not properly apply view_hosts permissions, which allo...
S
CVE-2015-5234 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sanitize applet URLs, which allows...
S
CVE-2015-5235 IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly determine the origin of unsigned a...
S
CVE-2015-5236 It was discovered that the IcedTea-Web used codebase attribute of the tag on the HTML page ...
E
CVE-2015-5237 protobuf allows remote authenticated attackers to cause a heap-based buffer overflow....
CVE-2015-5238 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-3796. Reason: This candidate...
R
CVE-2015-5239 Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attackers to cause a denial o...
S
CVE-2015-5240 Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 p...
CVE-2015-5241 After logging into the portal, the logout jsp page redirects the browser back to the login page afte...
M
CVE-2015-5242 OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python module...
CVE-2015-5243 phpWhois allows remote attackers to execute arbitrary code via a crafted whois record....
E S
CVE-2015-5244 The NSSCipherSuite option with ciphersuites enabled in mod_nss before 1.0.12 allows remote attackers...
S
CVE-2015-5245 CRLF injection vulnerability in the Ceph Object Gateway (aka radosgw or RGW) in Ceph before 0.94.4 a...
CVE-2015-5246 The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old ...
S
CVE-2015-5247 The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users wi...
CVE-2015-5248 Reflected file download vulnerability in Red Hat Feedhenry Enterprise Mobile Application Platform....
CVE-2015-5249 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-5250 The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (maste...
CVE-2015-5251 OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allow re...
CVE-2015-5252 vfs.c in smbd in Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, when s...
E
CVE-2015-5253 The SAML Web SSO module in Apache CXF before 2.7.18, 3.0.x before 3.0.7, and 3.1.x before 3.1.3 allo...
CVE-2015-5254 Apache ActiveMQ 5.x before 5.13.0 does not restrict the classes that can be serialized in the broker...
CVE-2015-5255 Adobe BlazeDS, as used in ColdFusion 10 before Update 18 and 11 before Update 7 and LiveCycle Data S...
S
CVE-2015-5256 Apache Cordova-Android before 4.1.0, when an application relies on a remote server, improperly imple...
CVE-2015-5257 drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate attacker...
CVE-2015-5258 Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3....
CVE-2015-5259 Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x b...
CVE-2015-5260 Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service...
CVE-2015-5261 Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to read and write to arbitra...
CVE-2015-5262 http/conn/ssl/SSLConnectionSocketFactory.java in Apache HttpComponents HttpClient before 4.3.6 ignor...
CVE-2015-5263 pulp-consumer-client 2.4.0 through 2.6.3 does not check the server's TLS certificate signatures when...
S
CVE-2015-5264 The lesson module in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x befor...
CVE-2015-5265 The wiki component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x befo...
CVE-2015-5266 The enrol_meta_sync function in enrol/meta/locallib.php in Moodle through 2.6.11, 2.7.x before 2.7.1...
CVE-2015-5267 lib/moodlelib.php in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x befor...
CVE-2015-5268 The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x be...
CVE-2015-5269 Cross-site scripting (XSS) vulnerability in group/overview.php in Moodle through 2.6.11, 2.7.x befor...
CVE-2015-5270 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-5271 The TripleO Heat templates (tripleo-heat-templates) do not properly order the Identity Service (keys...
CVE-2015-5272 The Forum module in Moodle 2.7.x before 2.7.10 allows remote authenticated users to post to arbitrar...
CVE-2015-5273 The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) ...
E
CVE-2015-5274 rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execu...
CVE-2015-5275 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-5257. Reason: This candidate...
R
CVE-2015-5276 The std::random_device class in libstdc++ in the GNU Compiler Collection (aka GCC) before 4.9.4 does...
CVE-2015-5277 The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library...
CVE-2015-5278 The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a de...
S
CVE-2015-5279 Heap-based buffer overflow in the ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 ...
CVE-2015-5280 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-5281 The grub2 package before 2.02-0.29 in Red Hat Enterprise Linux (RHEL) 7, when used on UEFI systems, ...
CVE-2015-5282 Cross-site scripting (XSS) vulnerability in Foreman 1.7.0 and after....
S
CVE-2015-5283 The sctp_init function in net/sctp/protocol.c in the Linux kernel before 4.2.3 has an incorrect sequ...
E
CVE-2015-5284 ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc/httpd/...
S
CVE-2015-5285 CRLF injection vulnerability in Kallithea before 0.3 allows remote attackers to inject arbitrary HTT...
E S
CVE-2015-5286 OpenStack Image Service (Glance) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) allows r...
CVE-2015-5287 The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local use...
E
CVE-2015-5288 The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x befor...
CVE-2015-5289 Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9...
CVE-2015-5290 A Denial of Service vulnerability exists in ircd-ratbox 3.0.9 in the MONITOR Command Handler....
CVE-2015-5291 Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x ...
CVE-2015-5292 Memory leak in the Privilege Attribute Certificate (PAC) responder plugin (sssd_pac_plugin.so) in Sy...
CVE-2015-5293 Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interf...
CVE-2015-5294 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-5295 The template-validate command in OpenStack Orchestration API (Heat) before 2015.1.3 (kilo) and 5.0.x...
S
CVE-2015-5296 Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connections tha...
CVE-2015-5297 An integer overflow issue has been reported in the general_composite_rect() function in pixman prior...
E S
CVE-2015-5298 The Google Login Plugin (versions 1.0 and 1.1) allows malicious anonymous users to authenticate succ...
CVE-2015-5299 The shadow_copy2_get_shadow_copy_data function in modules/vfs_shadow_copy2.c in Samba 3.x and 4.x be...
CVE-2015-5300 The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system c...
S
CVE-2015-5301 providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.2 and 1.1...
CVE-2015-5302 libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which...
CVE-2015-5303 The TripleO Heat templates (tripleo-heat-templates), when deployed via the commandline interface, al...
CVE-2015-5304 Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.5 does not properly authorize access ...
CVE-2015-5305 Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows...
CVE-2015-5306 OpenStack Ironic Inspector (aka ironic-inspector or ironic-discoverd), when debug mode is enabled, m...
CVE-2015-5307 The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS us...
S
CVE-2015-5308 Multiple SQL injection vulnerabilities in cs_admin_users.php in the wp-championship plugin 5.8 for W...
E
CVE-2015-5309 Integer overflow in the terminal emulator in PuTTY before 0.66 allows remote attackers to cause a de...
CVE-2015-5310 The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in respon...
CVE-2015-5311 PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a denia...
S
CVE-2015-5312 The xmlStringLenDecodeEntities function in parser.c in libxml2 before 2.9.3 does not properly preven...
CVE-2015-5313 Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/st...
S
CVE-2015-5314 The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not valid...
S
CVE-2015-5315 The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validat...
S
CVE-2015-5316 The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6...
S
CVE-2015-5317 The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers t...
KEV
CVE-2015-5318 Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protect...
CVE-2015-5319 XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LT...
CVE-2015-5320 Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP sl...
CVE-2015-5321 The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS bef...
CVE-2015-5322 Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attac...
CVE-2015-5323 Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which migh...
CVE-2015-5324 Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information v...
CVE-2015-5325 Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master acces...
CVE-2015-5326 Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS ...
CVE-2015-5327 Out-of-bounds memory read in the x509_decode_time function in x509_cert_parser.c in Linux kernels 4....
S
CVE-2015-5328 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2015-5329 The TripleO Heat templates (tripleo-heat-templates), as used in Red Hat Enterprise Linux OpenStack P...
CVE-2015-5330 ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and...
CVE-2015-5331 Moodle 2.9.x before 2.9.3 does not properly check the contact list before authorizing message transm...
CVE-2015-5332 Atto in Moodle 2.8.x before 2.8.9 and 2.9.x before 2.9.3 allows remote attackers to cause a denial o...
CVE-2015-5333 Memory leak in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a ...
E
CVE-2015-5334 Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cau...
E
CVE-2015-5335 Cross-site request forgery (CSRF) vulnerability in admin/registration/register.php in Moodle through...
CVE-2015-5336 Multiple cross-site scripting (XSS) vulnerabilities in the survey module in Moodle through 2.6.11, 2...
CVE-2015-5337 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not prop...
CVE-2015-5338 Multiple cross-site request forgery (CSRF) vulnerabilities in the lesson module in Moodle through 2....
CVE-2015-5339 The core_enrol_get_enrolled_users web service in enrol/externallib.php in Moodle through 2.6.11, 2.7...
CVE-2015-5340 Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 does not cons...
CVE-2015-5341 mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 ...
CVE-2015-5342 The choice module in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x befor...
CVE-2015-5343 Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, 1.8.x before 1.8.15, and 1.9.x...
CVE-2015-5344 The camel-xstream component in Apache Camel before 2.15.5 and 2.16.x before 2.16.1 allows remote atta...
CVE-2015-5345 The Mapper component in Apache Tomcat 6.x before 6.0.45, 7.x before 7.0.68, 8.x before 8.0.30, and 9...
CVE-2015-5346 Session fixation vulnerability in Apache Tomcat 7.x before 7.0.66, 8.x before 8.0.30, and 9.x before...
CVE-2015-5347 Cross-site scripting (XSS) vulnerability in the getWindowOpenJavaScript function in org.apache.wicke...
E
CVE-2015-5348 Apache Camel 2.6.x through 2.14.x, 2.15.x before 2.15.5, and 2.16.x before 2.16.1, when using (1) ca...
CVE-2015-5349 The CSV export in Apache LDAP Studio and Apache Directory Studio before 2.0.0-M10 does not properly ...
CVE-2015-5350 In Garden versions 0.22.0-0.329.0, a vulnerability has been discovered in the garden-linux nstar exe...
CVE-2015-5351 The (1) Manager and (2) Host Manager applications in Apache Tomcat 7.x before 7.0.68, 8.x before 8.0...
CVE-2015-5352 The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode...
CVE-2015-5353 Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include and ...
E
CVE-2015-5354 Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to ...
E
CVE-2015-5355 Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attac...
E
CVE-2015-5356 Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allo...
CVE-2015-5357 The Juniper EX4600, QFX3500, QFX3600, and QFX5100 switches with Junos 13.2X51-D15 through 13.2X51-D2...
CVE-2015-5358 Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25,...
CVE-2015-5359 Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25,...
CVE-2015-5360 IPv6 sendd in Juniper Junos 12.1X44 before 12.1X44-D51, 12.1X46 before 12.1X46-D36, 12.1X46 before 1...
CVE-2015-5361 Junos: FTPS through SRX opens up wide range of data channel TCP ports
S
CVE-2015-5362 The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 b...
CVE-2015-5363 The SRX Network Security Daemon (nsd) in Juniper SRX Series services gateways with Junos 12.1X44 bef...
CVE-2015-5364 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly...
CVE-2015-5365 Cross-site scripting (XSS) vulnerability in Zurmo CRM 3.0.2 allows remote authenticated users to inj...
E
CVE-2015-5366 The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappro...
CVE-2015-5367 The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad...
CVE-2015-5368 The HP lt4112 LTE/HSPA+ Gobi 4G module with firmware before 12.500.00.15.1803 on EliteBook, ElitePad...
CVE-2015-5369 Pulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before ...
CVE-2015-5370 Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not properly implem...
S
CVE-2015-5371 The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload and e...
CVE-2015-5372 The SAML 2.0 implementation in AdNovum nevisAuth 4.13.0.0 before 4.18.3.1, when using SAML POST-Bind...
CVE-2015-5374 A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All ...
E S
CVE-2015-5375 Cross-site scripting (XSS) vulnerability in unspecified dialogs for printing content in the Front En...
CVE-2015-5376 SQL injection vulnerability in the login form in GSI WiNPAT Portal 3.2.0.1001 through 3.6.1.0 allows...
CVE-2015-5377 Elasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors...
S
CVE-2015-5378 Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications be...
CVE-2015-5379 Cross-site scripting (XSS) vulnerability in actions.hsp in the Ajax WebMail interface in AXIGEN Mail...
CVE-2015-5380 The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node.js ...
S
CVE-2015-5381 Cross-site scripting (XSS) vulnerability in program/include/rcmail.php in Roundcube Webmail 1.1.x be...
S
CVE-2015-5382 program/steps/addressbook/photo.inc in Roundcube Webmail before 1.0.6 and 1.1.x before 1.1.2 allows ...
S
CVE-2015-5383 Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by read...
S
CVE-2015-5384 AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation atta...
CVE-2015-5386 Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication ...
S
CVE-2015-5395 Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0....
E S
CVE-2015-5397 Cross-site request forgery (CSRF) vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4....
CVE-2015-5399 Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users to...
E
CVE-2015-5400 Squid before 3.5.6 does not properly handle CONNECT method peer responses when configured with cache...
E
CVE-2015-5401 Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.0...
E
CVE-2015-5402 HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5...
CVE-2015-5403 HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5...
CVE-2015-5404 HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5...
CVE-2015-5405 HP Systems Insight Manager (SIM) before 7.5.0, as used in HP Matrix Operating Environment before 7.5...
CVE-2015-5406 HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, ...
CVE-2015-5407 HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, ...
CVE-2015-5408 HP CentralView Fraud Risk Management 11.1, 11.2, and 11.3; CentralView Revenue Leakage Control 4.1, ...
CVE-2015-5409 Buffer overflow in HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authentic...
CVE-2015-5410 HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to execu...
CVE-2015-5411 HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to obtai...
CVE-2015-5412 Cross-site request forgery (CSRF) vulnerability in HP Version Control Repository Manager (VCRM) befo...
CVE-2015-5413 HP Version Control Repository Manager (VCRM) before 7.5.0 allows remote authenticated users to gain ...
CVE-2015-5414 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5415 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5416 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5417 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5418 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5419 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5420 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5421 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5422 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5423 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5424 Unspecified vulnerability in HP KeyView before 10.23.0.1 and 10.24.x before 10.24.0.1 allows remote ...
CVE-2015-5425 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5426 Unspecified vulnerability in HP LoadRunner Controller before 12.50 allows local users to gain privil...
CVE-2015-5427 HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information...
CVE-2015-5428 HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information...
CVE-2015-5429 HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information...
CVE-2015-5430 HP Matrix Operating Environment before 7.5.0 allows remote attackers to obtain sensitive information...
CVE-2015-5431 HP Matrix Operating Environment before 7.5.0 allows remote authenticated users to obtain sensitive i...
CVE-2015-5432 HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Enviro...
CVE-2015-5433 HP Virtual Connect Enterprise Manager (VCEM) SDK before 7.5.0, as used in HP Matrix Operating Enviro...
CVE-2015-5434 HPE Networking Products, originally branded as Comware 5, Comware 7, H3C, or HP, allow remote attack...
S
CVE-2015-5435 Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 3 before 1.85 and 4 before 2.22...
CVE-2015-5436 A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmw...
CVE-2015-5437 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5438 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5439 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5440 HP UCMDB 10.00 and 10.01 before 10.01CUP12, 10.10 and 10.11 before 10.11CUP6, and 10.2x before 10.21...
CVE-2015-5441 Multiple cross-site scripting (XSS) vulnerabilities in HP ArcSight Management Center before 2.1 and ...
CVE-2015-5442 Unspecified vulnerability in HP Software Update before 5.005.002.002 allows local users to gain priv...
CVE-2015-5443 HP 3PAR Service Processor SP 4.2.0.GA-29 (GA) SPOCC, SP 4.3.0.GA-17 (GA) SPOCC, and SP 4.3.0-GA-24 (...
CVE-2015-5444 Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profile Server Data Analytics Layer ...
CVE-2015-5445 Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1...
CVE-2015-5446 HP StoreOnce Backup system software before 3.13.1 allows remote attackers to execute arbitrary code ...
CVE-2015-5447 Cross-site scripting (XSS) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows...
CVE-2015-5448 HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows local ...
S
CVE-2015-5449 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5450 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5451 Cross-site request forgery (CSRF) vulnerability in HP Operations Orchestration Central 10.x before 1...
S
CVE-2015-5452 SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote attacke...
E
CVE-2015-5453 Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute arbitrar...
E
CVE-2015-5454 Cross-site scripting (XSS) vulnerability in Nucleus CMS allows remote attackers to inject arbitrary ...
E
CVE-2015-5455 Cross-site scripting (XSS) vulnerability in X-Cart 4.5.0 and earlier allows remote attackers to inje...
E
CVE-2015-5456 Cross-site scripting (XSS) vulnerability in the form method in modules/formclass.php in PivotX befor...
E
CVE-2015-5457 PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple ext...
E
CVE-2015-5458 Session fixation vulnerability in fileupload.php in PivotX before 2.3.11 allows remote attackers to ...
E
CVE-2015-5459 SQL injection vulnerability in the AdvanceSearch.class in AdventNetPassTrix.jar in ManageEngine Pass...
E S
CVE-2015-5460 Cross-site scripting (XSS) vulnerability in app/views/events/_menu.html.erb in Snorby 2.6.2 allows r...
E S
CVE-2015-5461 Open redirect vulnerability in the Redirect function in stageshow_redirect.php in the StageShow plug...
E S
CVE-2015-5462 AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML i...
CVE-2015-5463 AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI se...
CVE-2015-5464 The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export restric...
CVE-2015-5465 Silicon Integrated Systems WindowsXP Display Manager (aka VGA Driver Manager and VGA Display Manager...
E
CVE-2015-5466 Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display...
E
CVE-2015-5467 web\ViewAction in Yii (aka Yii2) 2.x before 2.0.5 allows attackers to execute any local .php file vi...
CVE-2015-5468 Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress ...
E S
CVE-2015-5469 Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allow...
E
CVE-2015-5470 The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3 and A...
S
CVE-2015-5471 Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.1077...
E S
CVE-2015-5472 Absolute path traversal vulnerability in lib/download.php in the IBS Mappro plugin before 1.0 for Wo...
E
CVE-2015-5473 Multiple directory traversal vulnerabilities in Samsung SyncThru 6 before 1.0 allow remote attackers...
CVE-2015-5474 BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute arbitra...
CVE-2015-5475 Multiple cross-site scripting (XSS) vulnerabilities in Request Tracker (RT) 4.x before 4.2.12 allow ...
S
CVE-2015-5477 named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a...
E S
CVE-2015-5479 The ff_h263_decode_mba function in libavcodec/ituh263dec.c in Libav before 11.5 allows remote attack...
CVE-2015-5481 Cross-site scripting (XSS) vulnerability in forms/panels.php in the GD bbPress Attachments plugin be...
E
CVE-2015-5482 Directory traversal vulnerability in the GD bbPress Attachments plugin before 2.3 for WordPress allo...
E S
CVE-2015-5483 Multiple cross-site request forgery (CSRF) vulnerabilities in the Private Only plugin 3.5.1 for Word...
E
CVE-2015-5484 Cross-site scripting (XSS) vulnerability in the Plotly plugin before 1.0.3 for WordPress allows remo...
E
CVE-2015-5485 Cross-site scripting (XSS) vulnerability in the Event Import page (import-eventbrite-events.php) in ...
E
CVE-2015-5487 Cross-site scripting (XSS) vulnerability in the Camtasia Relay module 6.x-2.x before 6.x-3.2 and 7.x...
S
CVE-2015-5488 Cross-site scripting (XSS) vulnerability in the MailChimp Signup submodule in the MailChimp module 7...
S
CVE-2015-5489 Cross-site scripting (XSS) vulnerability in the Smart Trim module 7.x-1.x before 7.x-1.5 for Drupal ...
S
CVE-2015-5490 The _views_fetch_data method in includes/cache.inc in the Views module 7.x-3.5 through 7.x-3.10 for ...
E S
CVE-2015-5491 The Dynamic display block module 7.x-1.x before 7.x-1.1 for Drupal allows remote authenticated users...
S
CVE-2015-5492 Cross-site scripting (XSS) vulnerability in the Video Consultation module for Drupal allows remote a...
S
CVE-2015-5493 The Entityform Block module 7.x-1.x before 7.x-1.3 for Drupal does not properly check permissions wh...
S
CVE-2015-5494 Cross-site scripting (XSS) vulnerability in the Webform Matrix Component module 7.x-4.x before 7.x-4...
S
CVE-2015-5495 Cross-site scripting (XSS) vulnerability in the Mobile sliding menu module 7.x-2.x before 7.x-2.1 fo...
S
CVE-2015-5496 The pass2pdf module for Drupal does not restrict access to generated PDF files, which allows remote ...
S
CVE-2015-5497 Cross-site scripting (XSS) vulnerability in the Web Links module 6.x-2.x before 6.x-2.6 and 7.x-1.x ...
S
CVE-2015-5498 The Shipwire API module 7.x-1.x before 7.x-1.03 for Drupal does not check the view permission for th...
S
CVE-2015-5499 The Navigate module for Drupal does not properly check permissions, which allows remote authenticate...
S
CVE-2015-5500 Cross-site scripting (XSS) vulnerability in the Navigate module for Drupal allows remote authenticat...
S
CVE-2015-5501 The Hostmaster (Aegir) module 6.x-2.x before 6.x-2.4 and 7.x-3.x before 7.x-3.0-beta2 for Drupal all...
CVE-2015-5502 The Storage API module 7.x-1.x before 7.x-1.8 for Drupal does not properly restrict access to Storag...
S
CVE-2015-5503 Open redirect vulnerability in the Chamilo integration module 7.x-1.x before 7.x-1.2 for Drupal allo...
S
CVE-2015-5504 SQL injection vulnerability in the Novalnet Payment Module Ubercart module for Drupal allows remote ...
S
CVE-2015-5505 The HTTP Strict Transport Security (HSTS) module 6.x-1.x before 6.x-1.1 and 7.x-1.x before 7.x-1.2 f...
S
CVE-2015-5506 The Apache Solr Real-Time module 7.x-1.x before 7.x-1.2 for Drupal does not check the status of an e...
S
CVE-2015-5507 Cross-site scripting (XSS) vulnerability in the Inline Entity Form module 7.x-1.x before 7.x-1.6 for...
S
CVE-2015-5508 Cross-site request forgery (CSRF) vulnerability in the XC NCIP Provider module in the eXtensible Cat...
CVE-2015-5509 The Administration Views module 7.x-1.x before 7.x-1.4 for Drupal, when used with other unspecified ...
S
CVE-2015-5510 Open redirect vulnerability in the Content Construction Kit (CCK) 6.x-2.x before 6.x-2.10 for Drupal...
S
CVE-2015-5511 The HybridAuth Social Login module 7.x-2.x before 7.x-2.13 for Drupal allows remote attackers to byp...
S
CVE-2015-5512 The me aliases module 6.x-2.x before 6.x-2.10 and 7.x-1.x before 7.x-1.2 for Drupal allows remote at...
S
CVE-2015-5513 Cross-site scripting (XSS) vulnerability in the Shibboleth authentication module 6.x-4.x before 6.x-...
S
CVE-2015-5514 Cross-site scripting (XSS) vulnerability in the Migrate module 7.x-2.x before 7.x-2.8 for Drupal, wh...
S
CVE-2015-5515 The Views Bulk Operations (VBO) module 6.x-1.x and 7.x-3.x before 7.x-3.3 for Drupal, when the bulk ...
S
CVE-2015-5516 Memory leak in the last hop kernel module in F5 BIG-IP LTM, GTM, and Link Controller 10.1.x, 10.2.x ...
CVE-2015-5519 Cross-site scripting (XSS) vulnerability in the applyConvolution demo in WideImage 11.02.19 allows r...
E
CVE-2015-5520 Cross-site scripting (XSS) vulnerability in the Users module in Orchard 1.7.3 through 1.8.2 and 1.9....
E S
CVE-2015-5521 Cross-site scripting (XSS) vulnerability in BlackCat CMS 1.1.2 allows remote attackers to inject arb...
E
CVE-2015-5522 Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote...
E
CVE-2015-5523 The ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial o...
E
CVE-2015-5524 An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13...
CVE-2015-5528 Cross-site scripting (XSS) vulnerability in the save_order function in class-floating-social-bar.php...
E
CVE-2015-5529 Multiple cross-site scripting (XSS) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allow remot...
E
CVE-2015-5530 Multiple cross-site request forgery (CSRF) vulnerabilities in Free Reprintables ArticleFR 3.0.6 allo...
E
CVE-2015-5531 Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbi...
E
CVE-2015-5532 Multiple cross-site scripting (XSS) vulnerabilities in the Paid Memberships Pro (PMPro) plugin befor...
E S
CVE-2015-5533 SQL injection vulnerability in counter-options.php in the Count Per Day plugin before 3.4.1 for Word...
E
CVE-2015-5534 Multiple cross-site request forgery (CSRF) vulnerabilities in Oxwall before 1.8 allow remote attacke...
E
CVE-2015-5535 Cross-site scripting (XSS) vulnerability in the qTranslate plugin 2.5.39 and earlier for WordPress a...
E
CVE-2015-5536 Belkin N300 Dual-Band Wi-Fi Range Extender with firmware before 1.04.10 allows remote authenticated ...
S
CVE-2015-5537 The SSL layer of the HTTPS service in Siemens RuggedCom ROS before 4.2.0 and ROX II does not properl...
S
CVE-2015-5538 Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and N...
CVE-2015-5539 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
E S
CVE-2015-5540 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
E S
CVE-2015-5541 Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11...
S
CVE-2015-5542 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5543 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5544 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5545 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5546 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5547 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5548 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5549 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5550 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5551 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5552 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5553 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5554 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5555 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5556 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5557 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5558 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5559 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5560 Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508...
S
CVE-2015-5561 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5562 Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR...
S
CVE-2015-5563 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5564 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5565 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5566 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before ...
S
CVE-2015-5567 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5568 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
E S
CVE-2015-5569 Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2....
S
CVE-2015-5570 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W...
S
CVE-2015-5571 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5572 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5573 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5574 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W...
E S
CVE-2015-5575 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5576 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5577 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5578 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5579 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5580 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5581 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W...
S
CVE-2015-5582 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5583 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-5584 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W...
S
CVE-2015-5585 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5586 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-5587 Stack-based buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Wi...
S
CVE-2015-5588 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-5589 The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5.5....
CVE-2015-5590 Stack-based buffer overflow in the phar_fix_filepath function in ext/phar/phar.c in PHP before 5.4.4...
E
CVE-2015-5591 SQL injection vulnerability in Zenphoto before 1.4.9 allows remote administrators to execute arbitrar...
E
CVE-2015-5592 Incomplete blacklist in sanitize_string in Zenphoto before 1.4.9 allows remote attackers to conduct ...
E
CVE-2015-5593 The sanitize_string function in Zenphoto before 1.4.9 does not properly sanitize HTML tags, which al...
E
CVE-2015-5594 The sanitize_string function in ZenPhoto before 1.4.9 utilized the html_entity_decode function after...
E
CVE-2015-5595 Cross-site request forgery (CSRF) vulnerability in admin.php in Zenphoto before 1.4.9 allows remote ...
E
CVE-2015-5596 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2015-5597 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2015-5598 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2015-5599 Multiple SQL injection vulnerabilities in upload.php in the Powerplay Gallery plugin 3.3 for WordPre...
E
CVE-2015-5600 The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly re...
E
CVE-2015-5601 edx-platform before 2015-07-20 allows code execution by privileged users because the course import e...
S
CVE-2015-5602 sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file ...
E
CVE-2015-5603 The HipChat for JIRA plugin before 6.30.0 for Atlassian JIRA allows remote authenticated users to ex...
E
CVE-2015-5605 The regular-expression implementation in Google V8, as used in Google Chrome before 44.0.2403.89, mi...
CVE-2015-5606 Vordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial ...
CVE-2015-5607 Cross-site request forgery in the REST API in IPython 2 and 3....
E S
CVE-2015-5608 Open redirect vulnerability in Joomla! CMS 3.0.0 through 3.4.1....
CVE-2015-5609 Absolute path traversal vulnerability in the Image Export plugin 1.1 for WordPress allows remote att...
E
CVE-2015-5610 The RSM (aka RSMWinService) service in SolarWinds N-Able N-Central before 9.5.1.4514 uses the same p...
CVE-2015-5611 Unspecified vulnerability in Uconnect before 15.26.1, as used in certain Fiat Chrysler Automobiles (...
CVE-2015-5612 Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attacker...
S
CVE-2015-5613 Cross-site scripting (XSS) vulnerability in October CMS build 271 and earlier allows remote attacker...
E S
CVE-2015-5614 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5615 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5617 SQL injection vulnerability in pub/m_pending_news/delete_pending_news.jsp in Enorth Webpublisher CMS...
E
CVE-2015-5618 Chiyu BF-630 and BF-630W fingerprint access-control devices allow remote attackers to bypass authent...
CVE-2015-5619 Logstash 1.4.x before 1.4.5 and 1.5.x before 1.5.4 with Lumberjack output or the Logstash forwarder ...
CVE-2015-5621 The snmp_pdu_parse function in snmp_api.c in net-snmp 5.7.2 and earlier does not remove the varBind ...
E
CVE-2015-5622 Cross-site scripting (XSS) vulnerability in WordPress before 4.2.3 allows remote authenticated users...
S
CVE-2015-5623 WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote authe...
S
CVE-2015-5624 Buffer overflow in the ExecCall method in c2lv6.ocx in the FreeBit ELPhoneBtnV6 ActiveX control allo...
CVE-2015-5625 Cross-site scripting (XSS) vulnerability in OpenDocMan before 1.3.4 allows remote attackers to injec...
CVE-2015-5626 Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50...
M
CVE-2015-5627 Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50...
M
CVE-2015-5628 Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50...
M
CVE-2015-5629 The NTT Broadband Platform Japan Connected-free Wi-Fi application 1.6.0 and earlier for Android and ...
S
CVE-2015-5630 Cross-site scripting (XSS) vulnerability in the NTT Broadband Platform Japan Connected-free Wi-Fi ap...
S
CVE-2015-5631 Cross-site request forgery (CSRF) vulnerability in the Remote UI on Canon PIXMA MG7500 printers allo...
CVE-2015-5632 The runtime engine in the Newphoria applican framework before 1.12.3 for Android and before 1.12.2 f...
CVE-2015-5633 The Newphoria Auction Camera application for iOS and before 1.2 for Android allows attackers to bypa...
CVE-2015-5634 The Newphoria MEGAPHONE MUSIC application before 1.1 for Android and before 1.1 for iOS allows attac...
CVE-2015-5635 The Newphoria Koritore application before 1.1 for Android and before 1.1 for iOS allows attackers to...
CVE-2015-5636 The Newphoria Reversi application before 1.0.3 for Android and before 1.2 for iOS allows attackers t...
CVE-2015-5637 The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist p...
CVE-2015-5638 Directory traversal vulnerability in H2O before 1.4.5 and 1.5.x before 1.5.0-beta2, when the file.di...
CVE-2015-5639 niconico App for iOS before 6.38 does not verify SSL certificates which could allow remote attackers...
CVE-2015-5640 baserCMS before 3.0.8 allows remote authenticated users to modify arbitrary user settings via a craf...
CVE-2015-5641 SQL injection vulnerability in baserCMS before 3.0.8 allows remote authenticated users to execute ar...
CVE-2015-5642 Multiple SQL injection vulnerabilities in ICZ MATCHA INVOICE before 2.5.7 allow remote authenticated...
CVE-2015-5643 The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database, which all...
CVE-2015-5644 The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows ...
CVE-2015-5645 ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges vi...
CVE-2015-5646 Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote authenticated users to execute a...
S
CVE-2015-5647 The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote auth...
CVE-2015-5648 SQL injection vulnerability in list.php in phpRechnung before 1.6.5 allows remote authenticated user...
S
CVE-2015-5649 Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which allo...
CVE-2015-5650 Directory traversal vulnerability in AjaXplorer 2.0 allows remote attackers to read arbitrary files ...
CVE-2015-5651 Cross-site scripting (XSS) vulnerability in Dotclear before 2.8.1 allows remote attackers to inject ...
S
CVE-2015-5652 Untrusted search path vulnerability in python.exe in Python through 3.5.0 on Windows allows local us...
CVE-2015-5653 Buffer overflow in Canary Labs Trend Web Server before 9.5.2 allows remote attackers to execute arbi...
CVE-2015-5654 Cross-site scripting (XSS) vulnerability in Dojo Toolkit before 1.2 allows remote attackers to injec...
CVE-2015-5655 The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 certificates from SSL servers,...
CVE-2015-5656 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5657 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5658 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5659 SQL injection vulnerability in Network Applied Communication Laboratory Pref Shimane CMS 2.x before ...
CVE-2015-5660 Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to...
CVE-2015-5661 The SAND STUDIO AirDroid application 1.1.0 and earlier for Android mishandles implicit intents, whic...
CVE-2015-5662 Directory traversal vulnerability in Avast before 150918-0 allows remote attackers to delete or writ...
CVE-2015-5663 The file-execution functionality in WinRAR before 5.30 beta 5 allows local users to gain privileges ...
CVE-2015-5664 Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS before 4.2.0 allows remote atta...
S
CVE-2015-5665 Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.3 allows remot...
CVE-2015-5666 ANA App for Android 3.1.1 and earlier, and ANA App for iOS 3.3.6 and earlier do not verify SSL cer...
CVE-2015-5667 Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the ...
S
CVE-2015-5668 SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers t...
CVE-2015-5669 Techno Project Japan Enisys Gw before 1.4.1 allows remote authenticated users to write to arbitrary ...
CVE-2015-5670 Cross-site scripting (XSS) vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remot...
CVE-2015-5671 Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to bypass intended access restri...
CVE-2015-5672 TYPE-MOON Fate/stay night, Fate/hollow ataraxia, Witch on the Holy Night, and Fate/stay night + holl...
CVE-2015-5673 eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015-10...
CVE-2015-5674 The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 before 10.2-RC2-p1, 10.2-RC1 befor...
M
CVE-2015-5675 The sys_amd64 IRET Handler in the kernel in FreeBSD 9.3 and 10.1 allows local users to gain privileg...
CVE-2015-5677 bsnmpd, as used in FreeBSD 9.3, 10.1, and 10.2, uses world-readable permissions on the snmpd.config ...
E S
CVE-2015-5681 Unrestricted file upload vulnerability in upload.php in the Powerplay Gallery plugin 3.3 for WordPre...
E
CVE-2015-5682 upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbit...
E
CVE-2015-5684 MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflo...
CVE-2015-5685 The lazy_bdecode function in BitTorrent DHT bootstrap server (bootstrap-dht) allows remote attacker...
CVE-2015-5686 Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cr...
CVE-2015-5687 system/session/drivers/cookie.php in Anchor CMS 0.9.x allows remote attackers to conduct PHP object ...
CVE-2015-5688 Directory traversal vulnerability in lib/app/index.js in Geddy before 13.0.8 for Node.js allows remo...
E S
CVE-2015-5689 ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0...
CVE-2015-5690 The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0....
CVE-2015-5691 Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Syma...
CVE-2015-5692 admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software ...
CVE-2015-5693 The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0....
CVE-2015-5694 Designate does not enforce the DNS protocol limit concerning record set sizes...
CVE-2015-5695 Designate 2015.1.0 through 1.0.0.0b1 as packaged in OpenStack Kilo does not enforce RecordSets per d...
E S
CVE-2015-5696 Dell Netvault Backup before 10.0.5 allows remote attackers to cause a denial of service (crash) via ...
E
CVE-2015-5697 The get_bitmap_file function in drivers/md/md.c in the Linux kernel before 4.1.6 does not initialize...
CVE-2015-5698 Cross-site request forgery (CSRF) vulnerability in the web server on Siemens SIMATIC S7-1200 CPU dev...
S
CVE-2015-5699 The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows loca...
CVE-2015-5700 mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to...
S
CVE-2015-5701 mktexlsr revision 36855, and before revision 36626 as packaged in texlive allows local users to writ...
S
CVE-2015-5703 SQL injection vulnerability in the public key discovery API call in Open-Xchange OX Guard before 2.0...
CVE-2015-5704 scripts/licensecheck.pl in devscripts before 2.15.7 allows local users to execute arbitrary shell co...
S
CVE-2015-5705 Argument injection vulnerability in devscripts before 2.15.7 allows remote attackers to write to arb...
S
CVE-2015-5706 Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4...
S
CVE-2015-5707 Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through...
S
CVE-2015-5711 TIBCO Managed File Transfer Internet Server before 7.2.5, Managed File Transfer Command Center befor...
CVE-2015-5712 Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6...
CVE-2015-5713 Spotfire Parsing Library and Spotfire Security Filter in TIBCO Spotfire Server 5.5.x before 5.5.4, 6...
CVE-2015-5714 Cross-site scripting (XSS) vulnerability in WordPress before 4.3.1 allows remote attackers to inject...
S
CVE-2015-5715 The mw_editPost function in wp-includes/class-wp-xmlrpc-server.php in the XMLRPC subsystem in WordPr...
S
CVE-2015-5717 The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certific...
CVE-2015-5718 Stack-based buffer overflow in the handle_debug_network function in the manager in Websense Content ...
E
CVE-2015-5719 app/Controller/TemplatesController.php in Malware Information Sharing Platform (MISP) before 2.3.92 ...
S
CVE-2015-5720 Multiple cross-site scripting (XSS) vulnerabilities in the template-creation feature in Malware Info...
S
CVE-2015-5721 Malware Information Sharing Platform (MISP) before 2.3.90 allows remote attackers to conduct PHP obj...
S
CVE-2015-5722 buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attacker...
CVE-2015-5723 Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 an...
CVE-2015-5725 SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2....
CVE-2015-5726 The BER decoder in Botan 0.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to ...
CVE-2015-5727 The BER decoder in Botan 1.10.x before 1.10.10 and 1.11.x before 1.11.19 allows remote attackers to ...
CVE-2015-5729 The Soft Access Point (AP) feature in Samsung Smart TVs X10P, X12, X14H, X14J, and NT14U and Xpress ...
E
CVE-2015-5730 The sanitize_widget_instance function in wp-includes/class-wp-customize-widgets.php in WordPress bef...
S
CVE-2015-5731 Cross-site request forgery (CSRF) vulnerability in wp-admin/post.php in WordPress before 4.2.4 allow...
S
CVE-2015-5732 Cross-site scripting (XSS) vulnerability in the form function in the WP_Nav_Menu_Widget class in wp-...
S
CVE-2015-5733 Cross-site scripting (XSS) vulnerability in the refreshAdvancedAccessibilityOfItem function in wp-ad...
S
CVE-2015-5734 Cross-site scripting (XSS) vulnerability in the legacy theme preview implementation in wp-includes/t...
S
CVE-2015-5735 The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in Fo...
CVE-2015-5736 The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitr...
E
CVE-2015-5737 The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, (4) mdare64_52.sys, and (5) Fortishi...
CVE-2015-5738 The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II ...
CVE-2015-5739 The net/http library in net/textproto/reader.go in Go before 1.4.3 does not properly parse HTTP head...
S
CVE-2015-5740 The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers...
S
CVE-2015-5741 The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers...
S
CVE-2015-5742 VeeamVixProxy in Veeam Backup & Replication (B&R) before 8.0 update 3 stores local administrator cre...
E
CVE-2015-5745 Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0...
E S
CVE-2015-5746 AppleFileConduit in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on files...
CVE-2015-5747 The fasttrap driver in the kernel in Apple OS X before 10.10.5 allows local users to cause a denial ...
CVE-2015-5748 The kernel in Apple OS X before 10.10.5 does not properly mount HFS volumes, which allows local user...
CVE-2015-5749 The Sandbox_profiles component in Apple iOS before 8.4.1 allows attackers to bypass the third-party ...
CVE-2015-5750 Data Detectors Engine in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cau...
CVE-2015-5751 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-5752 Backup in Apple iOS before 8.4.1 allows attackers to bypass intended restrictions on filesystem acce...
CVE-2015-5753 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-5754 Race condition in runner in Install.framework in the Install Framework Legacy component in Apple OS ...
E
CVE-2015-5755 CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitr...
S
CVE-2015-5756 FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbi...
CVE-2015-5757 libpthread in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary c...
CVE-2015-5758 ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitra...
CVE-2015-5759 WebKit in Apple iOS before 8.4.1 allows remote attackers to spoof clicks via a crafted web site that...
CVE-2015-5760 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5761 CoreText in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitr...
S
CVE-2015-5762 Rejected reason: This candidate is unused by its CNA....
R
CVE-2015-5763 ntfs in Apple OS X before 10.10.5 allows local users to gain privileges or cause a denial of service...
CVE-2015-5764 The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspeci...
CVE-2015-5765 The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspeci...
CVE-2015-5766 Directory traversal vulnerability in Air Traffic in Apple iOS before 8.4.1 allows attackers to acces...
CVE-2015-5767 The user interface in Safari in Apple iOS before 9 allows remote attackers to spoof URLs via unspeci...
CVE-2015-5768 AppleGraphicsControl in Apple OS X before 10.10.5 allows attackers to obtain sensitive kernel memory...
CVE-2015-5769 The MSVDX driver in Apple iOS before 8.4.1 allows remote attackers to cause a denial of service (dev...
CVE-2015-5770 MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisionin...
CVE-2015-5771 Quartz Composer Framework in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary ...
CVE-2015-5772 Heap-based buffer overflow in SceneKit in Apple OS X before 10.10.5 allows remote attackers to execu...
CVE-2015-5773 QL Office in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbit...
CVE-2015-5774 Buffer overflow in IOHIDFamily in Apple iOS before 8.4.1 and OS X before 10.10.5 allows local users ...
CVE-2015-5775 FontParser in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbi...
CVE-2015-5776 Libinfo in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to execute arbitra...
CVE-2015-5777 CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to exec...
CVE-2015-5778 CoreMedia Playback in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to exec...
CVE-2015-5779 QuickTime 7 in Apple OS X before 10.10.5 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-5780 The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation bef...
CVE-2015-5781 ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecifie...
CVE-2015-5782 ImageIO in Apple iOS before 8.4.1 and OS X before 10.10.5 does not properly initialize an unspecifie...
CVE-2015-5783 IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial...
CVE-2015-5784 runner in Install.framework in the Install Framework Legacy component in Apple OS X before 10.10.5 d...
E
CVE-2015-5785 Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of ...
S
CVE-2015-5786 Apple QuickTime before 7.7.8 allows remote attackers to execute arbitrary code or cause a denial of ...
S
CVE-2015-5787 The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows att...
CVE-2015-5788 The WebKit Canvas implementation in Apple iOS before 9 allows remote attackers to bypass the Same Or...
CVE-2015-5789 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5790 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5791 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attack...
CVE-2015-5792 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5793 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attack...
CVE-2015-5794 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5795 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5796 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5797 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5798 WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary...
CVE-2015-5799 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5800 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5801 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5802 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5803 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5804 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5805 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5806 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5807 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5808 WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary...
CVE-2015-5809 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5810 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5811 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5812 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5813 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5814 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attack...
CVE-2015-5815 WebKit, as used in Apple iTunes before 12.3, allows man-in-the-middle attackers to execute arbitrary...
CVE-2015-5816 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attack...
CVE-2015-5817 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5818 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5819 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5820 WebKit in Apple iOS before 9 allows remote attackers to trigger a dialing action via a crafted (1) t...
CVE-2015-5821 WebKit, as used in Apple iOS before 9 and iTunes before 12.3, allows remote attackers to execute arb...
CVE-2015-5822 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attack...
CVE-2015-5823 WebKit, as used in JavaScriptCore in Apple iOS before 9 and iTunes before 12.3, allows remote attack...
CVE-2015-5824 The NSURL implementation in the CFNetwork SSL component in Apple iOS before 9 does not properly veri...
CVE-2015-5825 WebKit in Apple iOS before 9 does not properly restrict the availability of Performance API times, w...
CVE-2015-5826 WebKit in Apple iOS before 9 does not properly select the cases in which a Cascading Style Sheets (C...
CVE-2015-5827 WebKit in Apple iOS before 9 allows remote attackers to bypass the Same Origin Policy and obtain an ...
CVE-2015-5828 The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of a...
CVE-2015-5829 Data Detectors Engine in Apple iOS before 9 allows remote attackers to execute arbitrary code or cau...
CVE-2015-5830 The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges...
CVE-2015-5831 NetworkExtension in the kernel in Apple iOS before 9 does not properly initialize an unspecified dat...
CVE-2015-5832 The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials from t...
CVE-2015-5833 The Login Window component in Apple OS X before 10.11 does not ensure that the screen is locked at t...
CVE-2015-5834 IOAcceleratorFamily in Apple iOS before 9 allows attackers to obtain sensitive kernel memory-layout ...
CVE-2015-5835 Apple iOS before 9 allows attackers to obtain sensitive information about inter-app communication vi...
CVE-2015-5836 Apple Online Store Kit in Apple OS X before 10.11 improperly validates iCloud keychain item ACLs, wh...
CVE-2015-5837 PluginKit in Apple iOS before 9 allows attackers to bypass an intended app-trust requirement and ins...
CVE-2015-5838 SpringBoard in Apple iOS before 9 does not properly restrict access to privileged API calls, which a...
CVE-2015-5839 dyld in Apple iOS before 9 allows attackers to bypass a code-signing protection mechanism via an app...
CVE-2015-5840 The checkint division routines in removefile in Apple iOS before 9 allow attackers to cause a denial...
CVE-2015-5841 The CFNetwork Proxies component in Apple iOS before 9 does not properly handle a Set-Cookie header w...
CVE-2015-5842 XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data structure, ...
CVE-2015-5843 IOMobileFrameBuffer in Apple iOS before 9 allows local users to gain privileges or cause a denial of...
CVE-2015-5844 IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged...
CVE-2015-5845 IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged...
CVE-2015-5846 IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged...
CVE-2015-5847 The Disk Images component in Apple iOS before 9 allows local users to gain privileges or cause a den...
CVE-2015-5848 IOAcceleratorFamily in Apple iOS before 9 allows local users to gain privileges or cause a denial of...
CVE-2015-5849 The filtering implementation in AppleEvents in Apple OS X before 10.11 mishandles attempts to send e...
CVE-2015-5850 AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of inco...
CVE-2015-5851 The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does not r...
CVE-2015-5852 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5853 AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet payload ...
CVE-2015-5854 The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain ac...
CVE-2015-5855 Apple iOS before 9 allows attackers to discover the e-mail address of a player via a crafted Game Ce...
CVE-2015-5856 The Application Store component in Apple iOS before 9 allows remote attackers to cause a denial of s...
CVE-2015-5857 Mail in Apple iOS before 9 allows remote attackers to use an address-book contact as a spoofed e-mai...
CVE-2015-5858 The CFNetwork HTTPProtocol component in Apple iOS before 9 allows remote attackers to bypass the HST...
CVE-2015-5859 The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not properly r...
CVE-2015-5860 The CFNetwork HTTPProtocol component in Apple iOS before 9 mishandles HSTS state, which allows remot...
CVE-2015-5861 SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen prev...
CVE-2015-5862 The Audio component in Apple iOS before 9 allows remote attackers to cause a denial of service (memo...
CVE-2015-5863 IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure, wh...
CVE-2015-5864 IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-layout...
CVE-2015-5865 IOGraphics in Apple OS X before 10.11 allows attackers to obtain sensitive kernel memory-layout info...
CVE-2015-5866 IOHIDFamily in Apple OS X before 10.11 allows attackers to execute arbitrary code in a privileged co...
CVE-2015-5867 IOHIDFamily in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context...
CVE-2015-5868 The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service ...
CVE-2015-5869 The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9 allows r...
CVE-2015-5870 The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain sensit...
CVE-2015-5871 IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of ser...
CVE-2015-5872 IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of ser...
CVE-2015-5873 IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of ser...
CVE-2015-5874 CoreText in Apple iOS before 9 and iTunes before 12.3 allows remote attackers to execute arbitrary c...
S
CVE-2015-5875 Cross-site scripting (XSS) vulnerability in Notes in Apple OS X before 10.11 allows local users to i...
CVE-2015-5876 dyld in Dev Tools in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged c...
CVE-2015-5877 The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges...
CVE-2015-5878 Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive infor...
CVE-2015-5879 XNU in the kernel in Apple iOS before 9 does not properly validate the headers of TCP packets, which...
CVE-2015-5880 CoreAnimation in Apple iOS before 9 allows attackers to bypass intended IOSurface restrictions and o...
CVE-2015-5881 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-7760, CVE-2015-7761. Reaso...
R
CVE-2015-5882 The processor_set_tasks API implementation in Apple iOS before 9 allows local users to bypass an ent...
CVE-2015-5883 The bidirectional text-display and text-selection implementations in Terminal in Apple OS X before 1...
CVE-2015-5884 The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for attach...
CVE-2015-5885 The CFNetwork Cookies component in Apple iOS before 9 allows remote attackers to track users via vec...
CVE-2015-5886 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5887 The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a C...
CVE-2015-5888 The Install Framework Legacy component in Apple OS X before 10.11 allows local users to obtain root ...
CVE-2015-5889 rsh in the remote_cmds component in Apple OS X before 10.11 allows local users to obtain root privil...
E
CVE-2015-5890 IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of ser...
CVE-2015-5891 The SMB implementation in the kernel in Apple OS X before 10.11 allows local users to gain privilege...
CVE-2015-5892 Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client-side p...
CVE-2015-5893 SMBClient in SMB in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory-lay...
CVE-2015-5894 The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kS...
CVE-2015-5895 Multiple unspecified vulnerabilities in SQLite before 3.8.10.2, as used in Apple iOS before 9, have ...
CVE-2015-5896 The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service ...
CVE-2015-5897 The Address Book framework in Apple OS X before 10.11 allows local users to gain privileges by using...
CVE-2015-5898 CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which makes...
CVE-2015-5899 libpthread in the kernel in Apple iOS before 9 allows local users to gain privileges or cause a deni...
CVE-2015-5900 The protected range register in the EFI component in Apple OS X before 10.11 has an incorrect value,...
CVE-2015-5901 The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash files, ...
CVE-2015-5902 The debugging feature in the kernel in Apple OS X before 10.11 mismanages state, which allows local ...
CVE-2015-5903 The kernel in Apple iOS before 9 allows local users to gain privileges or cause a denial of service ...
CVE-2015-5904 Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web ...
CVE-2015-5905 Safari in Apple iOS before 9 allows remote attackers to spoof the relationship between URLs and web ...
CVE-2015-5906 The HTML form implementation in WebKit in Apple iOS before 9 does not prevent QuickType access to th...
CVE-2015-5907 WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by le...
CVE-2015-5908 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5909 IDE Xcode Server in Apple Xcode before 7.0 does not properly restrict access to repository e-mail li...
S
CVE-2015-5910 IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted, which a...
S
CVE-2015-5911 Multiple unspecified vulnerabilities in Twisted in Wiki Server in Apple OS X Server before 5.0.3 all...
CVE-2015-5912 The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger...
CVE-2015-5913 Heimdal, as used in Apple OS X before 10.11, allows remote attackers to conduct replay attacks again...
CVE-2015-5914 The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmwar...
CVE-2015-5915 Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which...
CVE-2015-5916 The Apple Pay component in Apple iOS before 9 allows remote terminals to obtain sensitive recent-tra...
CVE-2015-5917 The glob implementation in tnftpd (formerly lukemftpd), as used in Apple OS X before 10.11, allows r...
E
CVE-2015-5918 GasGauge in Apple watchOS before 2 allows local users to gain privileges or cause a denial of servic...
CVE-2015-5919 GasGauge in Apple watchOS before 2 allows local users to gain privileges or cause a denial of servic...
CVE-2015-5920 The Software Update component in Apple iTunes before 12.3 does not properly handle redirection, whic...
CVE-2015-5921 WebKit in Apple iOS before 9 mishandles "Content-Disposition: attachment" HTTP headers, which might ...
CVE-2015-5922 Unspecified vulnerability in International Components for Unicode (ICU) before 53.1.0, as used in Ap...
CVE-2015-5923 Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which al...
CVE-2015-5924 The OpenGL implementation in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to...
CVE-2015-5925 The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 al...
CVE-2015-5926 The CoreGraphics component in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 al...
CVE-2015-5927 FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote atta...
CVE-2015-5928 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remot...
CVE-2015-5929 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remot...
S
CVE-2015-5930 WebKit, as used in Apple iOS before 9.1, Safari before 9.0.1, and iTunes before 12.3.1, allows remot...
S
CVE-2015-5931 WebKit, as used in Apple Safari before 9.0.1 and iTunes before 12.3.1, allows remote attackers to ex...
CVE-2015-5932 The kernel in Apple OS X before 10.11.1 allows local users to gain privileges by leveraging an unspe...
CVE-2015-5933 Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a deni...
CVE-2015-5934 Audio in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a deni...
CVE-2015-5935 ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attacke...
CVE-2015-5936 ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attacke...
CVE-2015-5937 ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attacke...
CVE-2015-5938 ImageIO in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a de...
CVE-2015-5939 ImageIO in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote attacke...
CVE-2015-5940 The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threa...
CVE-2015-5941 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5942 FontParser in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows remote atta...
CVE-2015-5943 SecurityAgent in Apple OS X before 10.11.1 does not prevent synthetic clicks from reaching keychain ...
CVE-2015-5944 CoreText in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-5945 The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors...
CVE-2015-5946 Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute ar...
E
CVE-2015-5947 SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code....
E
CVE-2015-5948 Race condition in SuiteCRM before 7.2.3 allows remote attackers to execute arbitrary code. NOTE: th...
E S
CVE-2015-5949 VideoLAN VLC media player 2.2.1 allows remote attackers to cause a denial of service (crash) and pos...
CVE-2015-5950 The NVIDIA display driver R352 before 353.82 and R340 before 341.81 on Windows; R304 before 304.128,...
CVE-2015-5951 A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows...
CVE-2015-5952 Directory traversal vulnerability in Thomson Reuters for FATCA before 5.2 allows remote attackers to...
CVE-2015-5953 Cross-site scripting (XSS) vulnerability in the activity application in ownCloud Server before 7.0.5...
CVE-2015-5954 The virtual filesystem in ownCloud Server before 6.0.9, 7.0.x before 7.0.7, and 8.0.x before 8.0.5 d...
CVE-2015-5955 ownCloud iOS app before 3.4.4 does not properly switch state between multiple instances, which might...
CVE-2015-5956 The sanitizeLocalUrl function in TYPO3 6.x before 6.2.15, 7.x before 7.4.0, 4.5.40, and earlier allo...
CVE-2015-5957 Buffer overflow in the DumpSysVar function in var.c in Remind before 3.1.15 allows attackers to have...
E S
CVE-2015-5958 phpFileManager 0.9.8 allows remote attackers to execute arbitrary commands via a crafted URL....
E
CVE-2015-5959 Froxlor before 0.9.33.2 with the default configuration/setup might allow remote attackers to obtain ...
S
CVE-2015-5960 Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code protecti...
CVE-2015-5961 The COPPA error page in the Accounts setup dialog in Mozilla Firefox OS before 2.2 embeds content fr...
CVE-2015-5962 Integer signedness error in the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the...
CVE-2015-5963 contrib.sessions.middleware.SessionMiddleware in Django 1.8.x before 1.8.4, 1.7.x before 1.7.10, 1.4...
S
CVE-2015-5964 The (1) contrib.sessions.backends.base.SessionBase.flush and (2) cache_db.SessionStore.flush functio...
S
CVE-2015-5965 The SSL-VPN feature in Fortinet FortiOS before 4.3.13 only checks the first byte of the TLS MAC in f...
CVE-2015-5966 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5967 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5968 Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attacke...
CVE-2015-5969 The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSU...
CVE-2015-5970 The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows...
CVE-2015-5971 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5972 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5973 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5974 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5975 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5976 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5977 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5978 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5979 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5980 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5981 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5982 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5983 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5984 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5985 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-5986 openpgpkey_61.c in named in ISC BIND 9.9.7 before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote...
CVE-2015-5987 Belkin F9K1102 2 devices with firmware 2.10.17 use an improper algorithm for selecting the ID value ...
CVE-2015-5988 The web management interface on Belkin F9K1102 2 devices with firmware 2.10.17 has a blank password,...
CVE-2015-5989 Belkin F9K1102 2 devices with firmware 2.10.17 rely on client-side JavaScript code for authorization...
CVE-2015-5990 Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 al...
CVE-2015-5991 Cross-site request forgery (CSRF) vulnerability in form2WlanSetup.cgi on Philippine Long Distance Te...
CVE-2015-5992 Cross-site scripting (XSS) vulnerability in form2WlanSetup.cgi on Philippine Long Distance Telephone...
CVE-2015-5993 Buffer overflow in form2ping.cgi on Philippine Long Distance Telephone (PLDT) SpeedSurf 504AN device...
CVE-2015-5994 The web management interface on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 has...
CVE-2015-5995 Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and Tenda N3 Wireless N150 devices ...
CVE-2015-5996 Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with f...
E
CVE-2015-5997 Impero Education Pro before 5105 uses a hardcoded CBC key and initialization vector derived from a h...
CVE-2015-5998 Impero Education Pro before 5105 relies on the -1|AUTHENTICATE\x02PASSWORD string for authentication...
CVE-2015-5999 Multiple cross-site request forgery (CSRF) vulnerabilities in the D-Link DIR-816L Wireless Router wi...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.