CVE-2015-6xxx

There are 919 CVE in this subgroup.
Last updated: 
← Back to 2015
ID Summary Flags Max Score
CVE-2015-6000 Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in mod...
E
CVE-2015-6003 Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 bui...
CVE-2015-6004 Multiple SQL injection vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remote attackers t...
E
CVE-2015-6005 Multiple cross-site scripting (XSS) vulnerabilities in IPSwitch WhatsUp Gold before 16.4 allow remot...
E
CVE-2015-6006 The AddUserFinding implementation in Medicomp MEDCIN Engine 2.22.20153.x before 2.22.20153.226 might...
CVE-2015-6007 Cross-site request forgery (CSRF) vulnerability in Web Reference Database (aka refbase) through 0.9....
CVE-2015-6008 install.php in Web Reference Database (aka refbase) through 0.9.6 allows remote attackers to execute...
E
CVE-2015-6009 Multiple SQL injection vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 allow r...
E
CVE-2015-6010 Multiple cross-site scripting (XSS) vulnerabilities in Web Reference Database (aka refbase) through ...
CVE-2015-6011 Web Reference Database (aka refbase) through 0.9.6 and bleeding-edge before 2015-01-08 allows remote...
CVE-2015-6012 Multiple open redirect vulnerabilities in Web Reference Database (aka refbase) through 0.9.6 and ble...
CVE-2015-6013 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2015-6014 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2015-6015 Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ...
CVE-2015-6016 ZyXEL P-660HW-T1 2 devices with ZyNOS firmware 3.40(AXH.0), PMG5318-B20A devices with firmware 1.00A...
CVE-2015-6017 Multiple cross-site scripting (XSS) vulnerabilities in Forms/rpAuth_1 on ZyXEL P-660HW-T1 2 devices ...
CVE-2015-6018 The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0...
E
CVE-2015-6019 The management portal on ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 does not terminate ses...
CVE-2015-6020 ZyXEL PMG5318-B20A devices with firmware 1.00AANC0b5 allow remote authenticated users to obtain admi...
CVE-2015-6021 Spiceworks Desktop before 2015-12-01 has XSS via an SNMP response....
CVE-2015-6022 Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authentica...
CVE-2015-6023 ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-...
E
CVE-2015-6024 ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-...
E
CVE-2015-6027 Castle Rock Computing SNMPc before 2015-12-17 has XSS via SNMP....
CVE-2015-6028 Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter....
CVE-2015-6029 HP ArcSight Logger before 6.0 P2 does not limit attempts to authenticate to the SOAP interface, whic...
CVE-2015-6030 HP ArcSight Logger 6.0.0.7307.1, ArcSight Command Center 6.8.0.1896.0, and ArcSight Connector Applia...
CVE-2015-6031 Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnP...
E
CVE-2015-6032 Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attacke...
CVE-2015-6033 Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital signatures of software updates, w...
CVE-2015-6034 EPSON Network Utility 4.10 uses weak permissions (Everyone: Full Control) for eEBSVC.exe, which allo...
S
CVE-2015-6035 Opsview before 2015-11-06 has XSS via SNMP....
E
CVE-2015-6036 QNAP Signage Station before 2.0.1 allows remote attackers to bypass authentication, and consequently...
CVE-2015-6037 Cross-site scripting (XSS) vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 a...
CVE-2015-6038 Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for M...
CVE-2015-6039 Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foun...
CVE-2015-6040 Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibili...
CVE-2015-6041 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6042 Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 ...
S
CVE-2015-6043 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6044 Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as ...
CVE-2015-6045 Use-after-free vulnerability in the CElement object implementation in Microsoft Internet Explorer 11...
CVE-2015-6046 Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information fro...
CVE-2015-6047 The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to b...
CVE-2015-6048 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
S
CVE-2015-6049 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6050 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6051 Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web s...
S
CVE-2015-6052 The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl...
CVE-2015-6053 Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process ...
CVE-2015-6054 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6055 The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl...
CVE-2015-6056 The (1) JScript and (2) VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote at...
CVE-2015-6057 Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a cra...
CVE-2015-6058 Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass...
CVE-2015-6059 The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl...
CVE-2015-6060 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6061 Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP...
CVE-2015-6062 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6063 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6064 Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary...
CVE-2015-6065 Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6066 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6067 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6068 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6069 Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6070 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6071 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6072 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6073 Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o...
CVE-2015-6074 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6075 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6076 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6077 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6078 Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr...
CVE-2015-6079 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6080 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6081 Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6082 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6083 Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6084 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-6085 Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a d...
CVE-2015-6086 Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information fro...
E
CVE-2015-6087 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6088 Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASL...
CVE-2015-6089 The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow...
CVE-2015-6090 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6091 Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016,...
CVE-2015-6092 Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016,...
CVE-2015-6093 Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word A...
CVE-2015-6094 Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2...
CVE-2015-6095 Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...
S
CVE-2015-6096 The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 al...
CVE-2015-6097 Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP...
CVE-2015-6098 Buffer overflow in the Network Driver Interface Standard (NDIS) implementation in Microsoft Windows ...
E
CVE-2015-6099 Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2...
CVE-2015-6100 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window...
E S
CVE-2015-6101 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window...
E S
CVE-2015-6102 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window...
E S
CVE-2015-6103 The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, W...
E S
CVE-2015-6104 The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, W...
E S
CVE-2015-6105 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6106 The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, O...
CVE-2015-6107 The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows...
S
CVE-2015-6108 The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows...
S
CVE-2015-6109 The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and...
S
CVE-2015-6110 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6111 IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1,...
S
CVE-2015-6112 SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...
S
CVE-2015-6113 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window...
S
CVE-2015-6114 Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection me...
CVE-2015-6115 Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protecti...
CVE-2015-6116 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6117 Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allow remote authenticated u...
CVE-2015-6118 Microsoft Office 2007 SP3 and Office 2010 SP2 allow remote attackers to execute arbitrary code via a...
CVE-2015-6119 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6120 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6121 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6122 Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Exc...
CVE-2015-6123 Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac 2011 and Excel 2016 for Mac allo...
CVE-2015-6124 Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, and Office...
CVE-2015-6125 Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and S...
CVE-2015-6126 Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows...
S
CVE-2015-6127 Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allow...
E S
CVE-2015-6128 Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 mishandle library...
E
CVE-2015-6129 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6130 Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remo...
E
CVE-2015-6131 Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allow...
E S
CVE-2015-6132 Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8...
E S
CVE-2015-6133 Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Wind...
S
CVE-2015-6134 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2015-6135 The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl...
CVE-2015-6136 The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Expl...
CVE-2015-6137 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6138 Microsoft Internet Explorer 8 through 11 mishandles HTML attributes in HTTP responses, which allows ...
CVE-2015-6139 Microsoft Internet Explorer 11 and Microsoft Edge mishandle content types, which allows remote attac...
CVE-2015-6140 Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o...
CVE-2015-6141 Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of...
CVE-2015-6142 Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o...
CVE-2015-6143 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6144 Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP respon...
CVE-2015-6145 Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a den...
CVE-2015-6146 Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code or cause a den...
CVE-2015-6147 Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den...
CVE-2015-6148 Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitr...
CVE-2015-6149 Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a den...
CVE-2015-6150 Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6151 Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitr...
CVE-2015-6152 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o...
E S
CVE-2015-6153 Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o...
CVE-2015-6154 Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to execute arbitr...
CVE-2015-6155 Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary...
CVE-2015-6156 Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6157 Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process ...
CVE-2015-6158 Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o...
CVE-2015-6159 Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code o...
CVE-2015-6160 Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6161 Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASL...
CVE-2015-6162 Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial o...
CVE-2015-6163 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6164 Microsoft Internet Explorer 9 through 11 improperly implements a cross-site scripting (XSS) protecti...
CVE-2015-6165 Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection me...
CVE-2015-6166 Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to execute arbitrary code or cau...
CVE-2015-6167 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6168 Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memor...
E
CVE-2015-6169 Microsoft Edge misparses HTTP responses, which allows remote attackers to redirect users to arbitrar...
CVE-2015-6170 Microsoft Edge allows remote attackers to gain privileges via a crafted web site, aka "Microsoft Bro...
CVE-2015-6171 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window...
S
CVE-2015-6172 Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1,...
CVE-2015-6173 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window...
S
CVE-2015-6174 The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Window...
S
CVE-2015-6175 The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted applicat...
KEV S
CVE-2015-6176 Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass...
CVE-2015-6177 Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to ...
CVE-2015-6178 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6179 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6180 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6181 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6182 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6183 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6184 The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attac...
CVE-2015-6185 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6186 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6187 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6188 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6189 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6190 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6191 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6192 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6193 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6194 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6195 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6196 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6197 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6198 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6199 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6200 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6201 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6202 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6203 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6204 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6205 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6206 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6207 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6208 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6209 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6210 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6211 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6212 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6213 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6214 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6215 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6216 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6217 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6218 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6219 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6220 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6221 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6222 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6223 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6224 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6225 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6226 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6227 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6228 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6229 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6230 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6231 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6232 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6233 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6234 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6235 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6236 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6237 The RPC service in Tripwire (formerly nCircle) IP360 VnE Manager 7.2.2 before 7.2.6 allows remote at...
CVE-2015-6238 Multiple cross-site scripting (XSS) vulnerabilities in the Google Analyticator plugin before 6.4.9.6...
E S
CVE-2015-6240 The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a ...
S
CVE-2015-6241 The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wiresh...
CVE-2015-6242 The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block alloc...
CVE-2015-6243 The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles tab...
CVE-2015-6244 The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector i...
CVE-2015-6245 epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 u...
CVE-2015-6246 The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in ...
CVE-2015-6247 The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow di...
CVE-2015-6248 The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x befor...
CVE-2015-6249 The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissect...
CVE-2015-6250 simple-php-captcha before commit 9d65a945029c7be7bb6bc893759e74c5636be694 allows remote attackers to...
S
CVE-2015-6251 Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to ...
CVE-2015-6252 The vhost_dev_ioctl function in drivers/vhost/vhost.c in the Linux kernel before 4.1.5 allows local ...
CVE-2015-6253 edx-platform before 2015-08-17 allows XSS in the Studio listing of courses....
S
CVE-2015-6254 The (1) Service Provider (SP) and (2) Identity Provider (IdP) in PicketLink before 2.7.0 does not en...
CVE-2015-6255 Cross-site scripting (XSS) vulnerability in Cisco Unified Web and E-Mail Interaction Manager 9.0(2) ...
CVE-2015-6256 Cisco ASR 5000 devices with software 19.0.M0.60828 allow remote attackers to cause a denial of servi...
CVE-2015-6258 The Internet Access Point Protocol (IAPP) module on Cisco Wireless LAN Controller (WLC) devices with...
CVE-2015-6259 The JavaServer Pages (JSP) component in Cisco Integrated Management Controller (IMC) Supervisor befo...
CVE-2015-6260 Cisco NX-OS 7.1(1)N1(1) on Nexus 5500, 5600, and 6000 devices does not properly validate PDUs in SNM...
CVE-2015-6261 Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows remote authenticated us...
CVE-2015-6262 Cross-site request forgery (CSRF) vulnerability in Cisco Prime Infrastructure 1.2(0.103) and 2.0(0.0...
CVE-2015-6263 The RADIUS client implementation in Cisco IOS 15.4(3)M2.2, when a shared RADIUS secret is configured...
CVE-2015-6264 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-1349. Reason: This candida...
R
CVE-2015-6265 The CLI in Cisco Application Control Engine (ACE) 4700 A5 3.0 and earlier allows local users to bypa...
CVE-2015-6266 The guest portal in Cisco Identity Services Engine (ISE) 3300 1.2(0.899) does not restrict access to...
CVE-2015-6267 Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (...
CVE-2015-6268 Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (...
CVE-2015-6269 Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (...
CVE-2015-6270 Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service (...
CVE-2015-6271 Cisco IOS XE 2.1.0 through 2.4.3 and 2.5.0 on ASR 1000 devices, when NAT Application Layer Gateway i...
CVE-2015-6272 Cisco IOS XE 2.1.0 through 2.2.3 and 2.3.0 on ASR 1000 devices, when NAT Application Layer Gateway i...
CVE-2015-6273 Cisco IOS XE before 3.1.2S on ASR 1000 devices mishandles the automatic setup of Virtual Fragment Re...
CVE-2015-6274 The IPv4 implementation on Cisco ASR 1000 devices with software 15.5(3)S allows remote attackers to ...
CVE-2015-6276 Cisco TelePresence IX5000 8.0.3 stores a private key associated with an X.509 certificate under the ...
CVE-2015-6277 The ARP implementation in Cisco NX-OS on Nexus 1000V devices for VMware vSphere 5.2(1)SV3(1.4), Nexu...
CVE-2015-6278 The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 1...
CVE-2015-6279 The IPv6 snooping functionality in the first-hop security subsystem in Cisco IOS 12.2, 15.0, 15.1, 1...
CVE-2015-6280 The SSHv2 functionality in Cisco IOS 15.2, 15.3, 15.4, and 15.5 and IOS XE 3.6E before 3.6.3E, 3.7E ...
CVE-2015-6282 Cisco IOS XE 2.x and 3.x before 3.10.6S, 3.11.xS through 3.13.xS before 3.13.3S, and 3.14.xS through...
CVE-2015-6283 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6284 Buffer overflow in the Conference Control Protocol API implementation in Cisco TelePresence Server s...
CVE-2015-6285 Format string vulnerability in Cisco Email Security Appliance (ESA) 7.6.0 and 8.0.0 allows remote at...
CVE-2015-6286 Cisco Application Visibility and Control (AVC) 15.3(3)JA, when FlexConnect is enabled, allows remote...
CVE-2015-6287 Cisco Web Security Appliance (WSA) 8.0.6-078 and 8.0.6-115 allows remote attackers to cause a denial...
CVE-2015-6288 Cisco Content Security Management Appliance (SMA) 7.8.0-000 does not properly validate credentials, ...
CVE-2015-6289 Cisco IOS 15.5(3)M on Integrated Services Router (ISR) 800, 819, and 829 devices allows remote attac...
CVE-2015-6290 Cisco Web Security Appliance (WSA) 8.0.7 allows remote HTTP servers to cause a denial of service (me...
CVE-2015-6291 Cisco AsyncOS before 8.5.7-043, 9.x before 9.1.1-023, and 9.5.x and 9.6.x before 9.6.0-046 on Email ...
CVE-2015-6292 The proxy-cache implementation in Cisco AsyncOS 8.0.x before 8.0.7-151, 8.1.x and 8.5.x before 8.5.2...
CVE-2015-6293 Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6.x and 8.7.x before 8.7.0-1...
CVE-2015-6294 Cisco IOS 15.2(3)E and earlier and IOS XE 3.6(2)E and earlier allow remote attackers to cause a deni...
CVE-2015-6295 Cisco NX-OS 6.1(2)I3(4) and 7.0(3)I1(1) on Nexus 9000 (N9K) devices allows remote attackers to cause...
CVE-2015-6296 Cisco Prime Network Registrar (CPNR) 8.1(3.3), 8.2(3), and 8.3(2) has a default account, which allow...
CVE-2015-6297 The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers ...
CVE-2015-6298 The admin web interface in Cisco AsyncOS 8.x before 8.0.8-113, 8.1.x and 8.5.x before 8.5.3-051, 8.6...
CVE-2015-6299 SQL injection vulnerability in the web interface in Cisco Unity Connection 9.1(1.2) and earlier allo...
CVE-2015-6300 Cisco Secure Access Control Server (ACS) Solution Engine 5.7(0.15) allows remote authenticated users...
CVE-2015-6301 The DHCPv6 server in Cisco IOS on ASR 9000 devices with software 5.2.0 Base allows remote attackers ...
CVE-2015-6302 The RADIUS functionality on Cisco Wireless LAN Controller (WLC) devices with software 7.0(250.0) and...
CVE-2015-6303 The Cisco Spark application 2015-07-04 for mobile operating systems does not properly verify X.509 c...
CVE-2015-6304 Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Server software 3.0(2.24) allo...
CVE-2015-6305 Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.e...
E
CVE-2015-6306 Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before in...
E S
CVE-2015-6307 Cisco FirePOWER (formerly Sourcefire) 7000 and 8000 devices with software 5.4.0.1 allow remote attac...
CVE-2015-6308 Cisco NX-OS 6.0(2)U6(0.46) on N3K devices allows remote authenticated users to cause a denial of ser...
CVE-2015-6309 Cisco Email Security Appliance (ESA) 8.5.6-106 and 9.6.0-042 allows remote authenticated users to ca...
CVE-2015-6310 The REST interface in Cisco Unified Communications Manager IM and Presence Service 11.5(1) allows re...
CVE-2015-6311 Cisco Wireless LAN Controller (WLC) devices with software 7.0(240.0), 7.3(101.0), and 7.4(1.19) allo...
CVE-2015-6312 Cisco TelePresence Server 3.1 on 7010, Mobility Services Engine (MSE) 8710, Multiparty Media 310 and...
CVE-2015-6313 Cisco TelePresence Server 4.1(2.29) through 4.2(4.17) on 7010; Mobility Services Engine (MSE) 8710; ...
CVE-2015-6314 Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 befor...
CVE-2015-6315 Cisco Aironet 1850 access points with software 8.1(112.4) allow local users to gain privileges via c...
CVE-2015-6316 The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 a...
M
CVE-2015-6317 Cisco Identity Services Engine (ISE) before 2.0 allows remote authenticated users to bypass intended...
CVE-2015-6318 Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.1 and X8.5.2 allows local users ...
CVE-2015-6319 SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows rem...
CVE-2015-6320 The IP ingress packet handler on Cisco Aironet 1800 devices with software 8.1(112.3) and 8.1(112.4) ...
CVE-2015-6321 Cisco AsyncOS before 8.5.7-042, 9.x before 9.1.0-032, 9.1.x before 9.1.1-023, and 9.5.x and 9.6.x be...
CVE-2015-6322 The IPC channel in Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1(8) allows local user...
CVE-2015-6323 The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before ...
CVE-2015-6324 The DHCPv6 relay implementation in Cisco Adaptive Security Appliance (ASA) software 9.0 before 9.0(4...
CVE-2015-6325 Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8....
CVE-2015-6326 Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(5.58), 8.3 and 8.4 before 8....
CVE-2015-6327 The IKEv1 implementation in Cisco Adaptive Security Appliance (ASA) software 7.2 and 8.2 before 8.2(...
CVE-2015-6328 The web framework in Cisco Prime Collaboration Assurance (PCA) 10.5(1) allows remote authenticated u...
CVE-2015-6329 SQL injection vulnerability in Cisco Prime Collaboration Provisioning 10.6 and 11.0 allows remote au...
CVE-2015-6330 Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1) and 1...
CVE-2015-6331 SQL injection vulnerability in the web framework in Cisco Prime Collaboration Assurance 10.5(1) allo...
CVE-2015-6332 Cisco Prime Infrastructure 2.2 allows remote attackers to cause a denial of service (daemon hang) by...
CVE-2015-6333 Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges...
CVE-2015-6334 Cisco ASR 5000 and 5500 devices with software 18.0.0.57828 and 19.0.M0.61045 allow remote attackers ...
CVE-2015-6335 The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMwar...
CVE-2015-6336 Cisco Aironet 1800 devices with software 7.2, 7.3, 7.4, 8.1(112.3), 8.1(112.4), and 8.1(15.14) have ...
CVE-2015-6337 Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller Enter...
CVE-2015-6338 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6339 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6340 The Proxy Mobile IPv6 (PMIPv6) component in the CDMA implementation on Cisco ASR 5000 devices with s...
CVE-2015-6341 The Web Management GUI on Cisco Wireless LAN Controller (WLC) devices with software 7.4(140.0) and 8...
CVE-2015-6342 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6343 The SIP implementation in Cisco IOS 15.5(3)M on Cisco Unified Border Element (CUBE) devices allows r...
CVE-2015-6344 The web-based GUI in Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security 9.3(4.1.11) a...
CVE-2015-6345 SQL injection vulnerability in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0...
CVE-2015-6346 Cross-site scripting (XSS) vulnerability in Cisco Secure Access Control Server (ACS) 5.7(0.15) allow...
CVE-2015-6347 The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticate...
CVE-2015-6348 The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (AC...
CVE-2015-6349 Cross-site scripting (XSS) vulnerability in the web interface in the Solution Engine in Cisco Secure...
CVE-2015-6350 SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows remote a...
CVE-2015-6351 Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and 19...
CVE-2015-6352 Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for pat...
CVE-2015-6353 Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3.1....
CVE-2015-6354 Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1....
CVE-2015-6355 The web interface in Cisco Unified Computing System (UCS) 2.2(5b)A on blade servers allows remote at...
CVE-2015-6356 Cross-site scripting (XSS) vulnerability in the WeChat page in Cisco Social Miner 10.0(1) allows rem...
CVE-2015-6357 The rule-update feature in Cisco FireSIGHT Management Center (MC) 5.2 through 5.4.0.1 does not verif...
CVE-2015-6358 Multiple Cisco embedded devices use hardcoded X.509 certificates and SSH host keys embedded in the f...
S
CVE-2015-6359 The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS 15.3(3)S0.1 on AS...
CVE-2015-6360 The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a d...
CVE-2015-6361 The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows re...
CVE-2015-6362 The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allow...
CVE-2015-6363 Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco FireSIGHT Manageme...
CVE-2015-6364 Cisco Content Delivery System Manager Software 3.2 on Videoscape Distribution Suite Service Manager ...
CVE-2015-6365 Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface ACLs,...
CVE-2015-6366 Cisco IOS 15.2(04)M6 and 15.4(03)S lets physical-interface ACLs supersede tunnel-interface ACLs, whi...
CVE-2015-6367 Cisco Aironet 1800 devices with software 8.1(131.0) allow remote attackers to cause a denial of serv...
CVE-2015-6368 Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote attac...
CVE-2015-6369 The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices a...
CVE-2015-6370 The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on Fire...
CVE-2015-6371 Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote authe...
CVE-2015-6372 Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Firepower Ex...
CVE-2015-6373 Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1.1(1...
CVE-2015-6374 The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 device...
CVE-2015-6375 The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3 allow...
CVE-2015-6376 Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server (VC...
CVE-2015-6377 Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial of s...
CVE-2015-6378 Cross-site request forgery (CSRF) vulnerability on Cisco DPQ3925 devices with EDVA 5.5.2 allows remo...
CVE-2015-6379 The XML parser in the management interface in Cisco Adaptive Security Appliance (ASA) Software 8.4 a...
CVE-2015-6380 An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1.160)...
CVE-2015-6382 Cisco ASR 5000 devices with software 16.0(900) allow remote attackers to cause a denial of service (...
CVE-2015-6383 Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local use...
CVE-2015-6384 The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom applicat...
CVE-2015-6385 The publish-event event-manager feature in Cisco IOS 15.5(2)S and 15.5(3)S on Cloud Services Router ...
CVE-2015-6386 The passthrough FTP feature on Cisco Web Security Appliance (WSA) devices with software 8.0.7-142 an...
CVE-2015-6387 Cross-site scripting (XSS) vulnerability in Cisco Unified Computing System (UCS) Central Software 1....
CVE-2015-6388 Cisco Unified Computing System (UCS) Central software 1.3(0.1) allows remote attackers to conduct se...
CVE-2015-6389 Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote ...
CVE-2015-6390 Cross-site scripting (XSS) vulnerability in the management interface in Cisco Unity Connection 9.1(1...
CVE-2015-6391 Cisco Unified SIP 3905 phones allow remote attackers to cause a denial of service (resource consumpt...
CVE-2015-6392 Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 5000, 5500, 5600, 6000, 7000, 7700,...
CVE-2015-6393 Cisco NX-OS 4.1 through 7.3 and 11.0 through 11.2 on Nexus 2000, 3000, 3500, 5000, 5500, 5600, 6000,...
CVE-2015-6394 The kernel in Cisco NX-OS 5.2(9)N1(1) on Nexus 5000 devices allows local users to cause a denial of ...
CVE-2015-6395 Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web ...
CVE-2015-6396 The CLI command parser on Cisco RV110W, RV130W, and RV215W devices allows local users to execute arb...
E M
CVE-2015-6397 Cisco RV110W, RV130W, and RV215W devices have an incorrect RBAC configuration for the default accoun...
M
CVE-2015-6398 Cisco Nexus 9000 Application Centric Infrastructure (ACI) Mode switches with software before 11.0(1c...
CVE-2015-6399 The Supervisor 1.0.0.0 and 1.0.0.1 in Cisco Integrated Management Controller (IMC) before 2.0(9) all...
CVE-2015-6400 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Emergency Responder 10.5(1a) allow remo...
CVE-2015-6401 Cisco EPC3928 devices with EDVA 5.5.10, 5.5.11, and 5.7.1 allow remote attackers to bypass an intend...
E
CVE-2015-6402 Cross-site scripting (XSS) vulnerability in the management interface on Cisco EPC3928 devices with E...
E
CVE-2015-6403 The TFTP implementation on Cisco Small Business SPA30x, SPA50x, SPA51x phones 7.5.7 improperly valid...
CVE-2015-6404 Cisco Hosted Collaboration Mediation Fulfillment 10.6(3) does not use RBAC, which allows remote auth...
CVE-2015-6405 Cross-site request forgery (CSRF) vulnerability in Cisco Emergency Responder 10.5(1) and 10.5(1a) al...
CVE-2015-6406 Directory traversal vulnerability in the Tools menu in Cisco Emergency Responder 10.5(1.10000.5) all...
CVE-2015-6407 Cisco Emergency Responder 10.5(3.10000.9) allows remote attackers to upload files to arbitrary locat...
CVE-2015-6408 Cross-site request forgery (CSRF) vulnerability in Cisco Unity Connection 11.5(0.98) allows remote a...
CVE-2015-6409 Cisco Jabber 10.6.x, 11.0.x, and 11.1.x on Windows allows man-in-the-middle attackers to conduct STA...
CVE-2015-6410 The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications Manager m...
CVE-2015-6411 Cisco FirePOWER Management Center 5.4.1.3, 6.0.0, and 6.0.1 provides verbose responses to requests f...
CVE-2015-6412 Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest ...
CVE-2015-6413 Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated user...
CVE-2015-6414 Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across differe...
CVE-2015-6415 Cisco Unified Computing System (UCS) 2.2(3f)A on Fabric Interconnect 6200 devices allows remote atta...
CVE-2015-6416 Cross-site scripting (XSS) vulnerability in Cisco Unified Email Interaction Manager and Unified Web ...
CVE-2015-6417 Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use R...
CVE-2015-6418 The random-number generator on Cisco Small Business RV routers 4.x and SA500 security appliances 2.2...
CVE-2015-6419 Cisco FireSIGHT Management Center with software 4.10.3, 5.2.0, 5.3.0, 5.3.1, and 5.4.0 allows remote...
CVE-2015-6420 Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and C...
CVE-2015-6421 cifs-ao in the CIFS optimization functionality on Cisco Wide Area Application Service (WAAS) and Vir...
CVE-2015-6422 The self-service application in Cisco Unified Communications Domain Manager (CUCDM) 10.6(1) allows r...
CVE-2015-6423 The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 throu...
CVE-2015-6424 The boot manager in Cisco Application Policy Infrastructure Controller (APIC) 1.1(0.920a) allows loc...
CVE-2015-6425 The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0.980...
CVE-2015-6426 Cisco Prime Network Services Controller 3.0 allows local users to bypass intended access restriction...
CVE-2015-6427 Cisco FireSIGHT Management Center allows remote attackers to bypass the HTTP attack detection featur...
CVE-2015-6428 Cisco DPQ3925 devices with EDVA r1 Base allow remote attackers to obtain sensitive information via a...
CVE-2015-6429 The IKEv1 state machine in Cisco IOS 15.4 through 15.6 and IOS XE 3.15 through 3.17 allows remote at...
CVE-2015-6431 Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a packe...
CVE-2015-6432 Cisco IOS XR 4.2.0, 4.3.0, 5.0.0, 5.1.0, 5.2.0, 5.2.2, 5.2.4, 5.3.0, and 5.3.2 does not properly res...
CVE-2015-6433 SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows remote ...
CVE-2015-6434 Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it easier ...
CVE-2015-6435 An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Co...
E
CVE-2015-6436 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6437 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6438 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6439 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6440 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6441 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6442 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6443 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6444 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6445 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6446 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6447 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6448 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6449 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6450 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6451 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6452 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6453 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6454 Everest PeakHMI before 8.7.0.2, when the video server is used, allows remote attackers to cause a de...
CVE-2015-6455 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-6456 GE Digital Energy MDS PulseNET and MDS PulseNET Enterprise before 3.1.5 have hardcoded credentials f...
CVE-2015-6457 Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow rem...
CVE-2015-6458 Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow rem...
CVE-2015-6459 Absolute path traversal vulnerability in the download feature in FileDownloadServlet in GE Digital E...
CVE-2015-6460 Multiple heap-based buffer overflows in 3S-Smart CODESYS Gateway Server before 2.3.9.34 allow remote...
CVE-2015-6461 Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric ...
CVE-2015-6462 Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which con...
CVE-2015-6463 CodeWrights HART Comm DTM components, as used with Endress+Hauser FieldCare, allow remote attackers ...
S
CVE-2015-6464 The administrative web interface on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 all...
S
CVE-2015-6465 The GoAhead web server on Moxa EDS-405A and EDS-408A switches with firmware before 3.6 allows remote...
S
CVE-2015-6466 Cross-site scripting (XSS) vulnerability in the Diagnosis Ping feature in the administrative web int...
S
CVE-2015-6467 Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code via vectors involvi...
CVE-2015-6468 Cross-site request forgery (CSRF) vulnerability in Resource Data Management Data Manager before 2.2 ...
CVE-2015-6469 The interpreter in IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allows remote attackers to discov...
CVE-2015-6470 Resource Data Management Data Manager before 2.2 allows remote authenticated users to modify arbitra...
CVE-2015-6471 Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and IdeaPLUS r...
CVE-2015-6472 WAGO IO 750-849 01.01.27 and 01.02.05, WAGO IO 750-881, and WAGO IO 758-870 have weak credential man...
E
CVE-2015-6473 WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation....
E
CVE-2015-6474 IBC Solar ServeMaster TLP+ and Danfoss TLX Pro+ allow remote attackers to discover cleartext passwor...
CVE-2015-6475 Multiple cross-site scripting (XSS) vulnerabilities in IBC Solar ServeMaster TLP+ and Danfoss TLX Pr...
CVE-2015-6476 Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98,...
CVE-2015-6477 Multiple cross-site scripting (XSS) vulnerabilities in the Wind Farm Portal application in Nordex Co...
CVE-2015-6478 Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls, w...
S
CVE-2015-6479 ACEmanager in Sierra Wireless ALEOS 4.4.2 and earlier on ES440, ES450, GX400, GX440, GX450, and LS30...
CVE-2015-6480 The MessageBrokerServlet servlet in Moxa OnCell Central Manager before 2.2 does not require authenti...
CVE-2015-6481 The login function in the RequestController class in Moxa OnCell Central Manager before 2.2 has a ha...
CVE-2015-6482 Runtime Toolkit before 2.4.7.48 in 3S-Smart CODESYS before 2.3.9.48 allows remote attackers to cause...
CVE-2015-6484 3S-Smart CODESYS Gateway Server before 2.3.9.48 allows remote attackers to cause a denial of service...
CVE-2015-6485 Schneider Electric Telvent Sage 2300 RTUs with firmware before C3413-500-S01, and LANDAC II-2, Sage ...
CVE-2015-6486 SQL injection vulnerability on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 de...
S
CVE-2015-6487 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in...
R
CVE-2015-6488 Cross-site scripting (XSS) vulnerability in the web server on Allen-Bradley MicroLogix 1100 devices ...
S
CVE-2015-6490 Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 de...
S
CVE-2015-6491 Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow...
S
CVE-2015-6492 Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003 allow...
S
CVE-2015-6493 Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and 2....
S
CVE-2015-6494 Cross-site scripting (XSS) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x bef...
S
CVE-2015-6495 There is Sensitive Information in Cloudera Manager before 5.4.6 Diagnostic Support Bundles....
CVE-2015-6496 conntrackd in conntrack-tools 1.4.2 and earlier does not ensure that the optional kernel modules are...
E S
CVE-2015-6497 The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edit...
E
CVE-2015-6498 Alcatel-Lucent Home Device Manager before 4.1.10, 4.2.x before 4.2.2 allows remote attackers to spoo...
CVE-2015-6500 Directory traversal vulnerability in ownCloud Server before 8.0.6 and 8.1.x before 8.1.1 allows remo...
CVE-2015-6501 Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attack...
CVE-2015-6502 Cross-site scripting (XSS) vulnerability in the console in Puppet Enterprise before 2015.2.1 allows ...
CVE-2015-6506 Cross-site scripting (XSS) vulnerability in the cryptography interface in Request Tracker (RT) befor...
S
CVE-2015-6507 The hdbsql client 1.00.091.00 Build 1418659308-1530 in SAP HANA allows local users to cause a denial...
CVE-2015-6508 Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject a...
CVE-2015-6509 Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers t...
CVE-2015-6510 Multiple cross-site scripting (XSS) vulnerabilities in pfSense before 2.2.3 allow remote attackers t...
CVE-2015-6511 Cross-site scripting (XSS) vulnerability in pfSense before 2.2.3 allows remote attackers to inject a...
CVE-2015-6512 SQL injection vulnerability in the get_messages function in server/plugins/chatroom/chatroom.php in ...
E
CVE-2015-6513 Multiple SQL injection vulnerabilities in the J2Store (com_j2store) extension before 3.1.7 for Jooml...
E S
CVE-2015-6514 Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 an...
CVE-2015-6515 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1....
CVE-2015-6516 SQL injection vulnerability in cygnux.org sysPass 1.0.9 and earlier allows remote authenticated user...
E
CVE-2015-6517 Cross-site request forgery (CSRF) vulnerability in phpLiteAdmin 1.1 allows remote attackers to hijac...
E
CVE-2015-6518 Multiple cross-site scripting (XSS) vulnerabilities in phpLiteAdmin 1.1 allow remote attackers to in...
E
CVE-2015-6519 SQL injection vulnerability in Arab Portal 3 allows remote attackers to execute arbitrary SQL comman...
E
CVE-2015-6520 IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to US...
CVE-2015-6521 Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS version 2.2....
E
CVE-2015-6522 SQL injection vulnerability in the WP Symposium plugin before 15.8 for WordPress allows remote attac...
E
CVE-2015-6523 Cross-site request forgery (CSRF) vulnerability in the Portfolio plugin before 1.05 for WordPress al...
E
CVE-2015-6524 The LDAPLoginModule implementation in the Java Authentication and Authorization Service (JAAS) in Ap...
CVE-2015-6525 Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1....
CVE-2015-6526 The perf_callchain_user_64 function in arch/powerpc/perf/callchain.c in the Linux kernel before 4.0....
CVE-2015-6527 The php_str_replace_in_subject function in ext/standard/string.c in PHP 7.x before 7.0.0 allows remo...
E
CVE-2015-6528 Multiple cross-site scripting (XSS) vulnerabilities in install_classic.php in Coppermine Photo Galle...
E
CVE-2015-6529 Multiple cross-site scripting (XSS) vulnerabilities in phpipam 1.1.010 allow remote attackers to inj...
E
CVE-2015-6530 Cross-site scripting (XSS) vulnerability in OpenText Secure MFT 2013 before 2013 R3 P6 and 2014 befo...
E
CVE-2015-6531 Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to ex...
E
CVE-2015-6535 Cross-site scripting (XSS) vulnerability in includes/options-profiles.php in the YouTube Embed plugi...
S
CVE-2015-6537 SQL injection vulnerability in the login page in Epiphany Cardio Server 3.3 allows remote attackers ...
CVE-2015-6538 The login page in Epiphany Cardio Server 3.3, 4.0, and 4.1 mishandles authentication requests, which...
CVE-2015-6540 Cross-site scripting (XSS) vulnerability in Intellect Design Arena Intellect Core banking software....
E
CVE-2015-6541 Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collabora...
E
CVE-2015-6542 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-3403. Reason: This candida...
R
CVE-2015-6544 Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop befo...
E S
CVE-2015-6545 Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb before 7.0.4 allows remote attac...
E
CVE-2015-6546 The vCMP host in F5 BIG-IP Analytics, APM, ASM, GTM, Link Controller, and LTM 11.0.0 before 11.6.0, ...
CVE-2015-6547 The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0....
CVE-2015-6548 Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gat...
CVE-2015-6549 Cross-site scripting (XSS) vulnerability in an application console in the server in Symantec NetBack...
CVE-2015-6550 bpcd in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x through 7.6.0.4, 7.6.1.x through 7.6.1.2, and...
CVE-2015-6551 Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through 2....
CVE-2015-6552 The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x th...
CVE-2015-6553 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-6554 Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to exec...
CVE-2015-6555 Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to exec...
CVE-2015-6556 EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption (SEE) b...
CVE-2015-6557 IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server 5.5 before 5.5.6....
S
CVE-2015-6563 The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous user...
CVE-2015-6564 Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH ...
CVE-2015-6565 sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local user...
E
CVE-2015-6566 zarafa-autorespond in Zarafa Collaboration Platform (ZCP) before 7.2.1 allows local users to gain pr...
CVE-2015-6567 Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/...
E S
CVE-2015-6568 Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/...
E S
CVE-2015-6569 Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows r...
CVE-2015-6574 The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP products allows remote attackers to...
E
CVE-2015-6575 SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly consider integer ...
CVE-2015-6576 Bamboo 2.2 before 5.8.5 and 5.9.x before 5.9.7 allows remote attackers with access to the Bamboo web...
CVE-2015-6580 Multiple unspecified vulnerabilities in Google V8 before 4.5.103.29, as used in Google Chrome before...
CVE-2015-6581 Double free vulnerability in the opj_j2k_copy_default_tcp_and_create_tcd function in j2k.c in OpenJP...
CVE-2015-6582 The decompose function in platform/transforms/TransformationMatrix.cpp in Blink, as used in Google C...
CVE-2015-6583 Google Chrome before 45.0.2454.85 does not display a location bar for a hosted app's window after na...
CVE-2015-6584 Cross-site scripting (XSS) vulnerability in the DataTables plugin 1.10.8 and earlier for jQuery allo...
E
CVE-2015-6585 hwpapp.dll in Hangul Word Processor allows remote attackers to execute arbitrary code via a crafted ...
CVE-2015-6586 The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC1...
M
CVE-2015-6587 The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service...
CVE-2015-6588 Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX Revolution before 1.9.1 allows re...
E
CVE-2015-6589 Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0....
E
CVE-2015-6591 Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables Ar...
E
CVE-2015-6592 Huawei UAP2105 before V300R012C00SPC160(BootRom) does not require authentication to the serial port ...
CVE-2015-6593 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-6593. Reason: This candida...
R
CVE-2015-6596 mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted applica...
CVE-2015-6598 libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or c...
CVE-2015-6599 libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or c...
CVE-2015-6600 libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or c...
CVE-2015-6601 libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or c...
CVE-2015-6602 libutils in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via craft...
CVE-2015-6603 libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or c...
CVE-2015-6604 libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or c...
CVE-2015-6605 mediaserver in Android before 5.1.1 LMY48T allows attackers to cause a denial of service (process cr...
CVE-2015-6606 The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android before 5.1.1 LMY48T ...
CVE-2015-6607 SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via...
CVE-2015-6608 mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to ...
CVE-2015-6609 libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute...
CVE-2015-6610 libstagefright in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain pri...
CVE-2015-6611 mediaserver in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to obta...
CVE-2015-6612 libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privilege...
CVE-2015-6613 Bluetooth in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to send commands...
CVE-2015-6614 Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain privileges, and consequently b...
CVE-2015-6616 mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to exec...
CVE-2015-6617 Skia, as used in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01, allows remote attackers to e...
CVE-2015-6618 Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to execut...
CVE-2015-6619 The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privile...
CVE-2015-6620 libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain pri...
CVE-2015-6621 SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privi...
CVE-2015-6622 The Native Frameworks Library in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attack...
CVE-2015-6623 Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application...
CVE-2015-6624 System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information via ...
CVE-2015-6625 System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information and ...
CVE-2015-6626 libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to o...
CVE-2015-6627 The Audio component in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers...
CVE-2015-6628 Media Framework in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to obtain ...
CVE-2015-6629 Wi-Fi in Android 5.x before 5.1.1 LMY48Z allows attackers to obtain sensitive information via unspec...
CVE-2015-6630 SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to read scree...
CVE-2015-6631 libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to o...
CVE-2015-6632 libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows remote attackers to o...
CVE-2015-6633 The display drivers in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allow remote attackers ...
CVE-2015-6634 The display drivers in Android before 5.1.1 LMY48Z allow remote attackers to execute arbitrary code ...
CVE-2015-6636 mediaserver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows remote attackers to ...
CVE-2015-6637 The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attacker...
CVE-2015-6638 The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 all...
CVE-2015-6639 The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01...
E
CVE-2015-6640 The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2...
CVE-2015-6641 Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts info...
CVE-2015-6642 The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensi...
CVE-2015-6643 Setup Wizard in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows physically proximat...
CVE-2015-6644 Bouncy Castle in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain se...
CVE-2015-6645 SyncManager in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to cause a den...
CVE-2015-6646 The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to c...
CVE-2015-6647 The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01...
CVE-2015-6649 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6650 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6651 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6652 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6653 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6654 The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not li...
S
CVE-2015-6655 Cross-site request forgery (CSRF) vulnerability in Pligg CMS 2.0.2 allows remote attackers to hijack...
E
CVE-2015-6658 Cross-site scripting (XSS) vulnerability in the Autocomplete system in Drupal 6.x before 6.37 and 7....
S
CVE-2015-6659 SQL injection vulnerability in the SQL comment filtering system in the Database API in Drupal 7.x be...
S
CVE-2015-6660 The Form API in Drupal 6.x before 6.37 and 7.x before 7.39 does not properly validate the form token...
S
CVE-2015-6661 Drupal 6.x before 6.37 and 7.x before 7.39 allows remote attackers to obtain sensitive node titles b...
S
CVE-2015-6662 XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read ...
CVE-2015-6663 Cross-site scripting (XSS) vulnerability in the Client form in the Device Inspector page in SAP Afar...
CVE-2015-6664 XML external entity (XXE) vulnerability in the application import functionality in SAP Mobile Platfo...
CVE-2015-6665 Cross-site scripting (XSS) vulnerability in the Ajax handler in Drupal 7.x before 7.39 and the Ctool...
S
CVE-2015-6666 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2015-6668 The Job Manager plugin before 0.7.25 allows remote attackers to read arbitrary CV files via a brute ...
E
CVE-2015-6670 ownCloud Server before 7.0.8, 8.0.x before 8.0.6, and 8.1.x before 8.1.1 does not properly check own...
CVE-2015-6671 Open edX edx-platform before 2015-08-25 requires use of the database for storage of SAML SSO secrets...
S
CVE-2015-6672 Cross-site scripting (XSS) vulnerability in the Administrative Web Interface in Citrix NetScaler App...
CVE-2015-6673 Use-after-free vulnerability in Decoder.cpp in libpgf before 6.15.32....
CVE-2015-6674 Buffer underflow vulnerability in the Debian inspircd package before 2.0.5-1+deb7u1 for wheezy and b...
S
CVE-2015-6675 Siemens RUGGEDCOM ROS 3.8.0 through 4.1.x permanently enables the IP forwarding feature, which allow...
CVE-2015-6676 Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS...
S
CVE-2015-6677 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-6678 Buffer overflow in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS...
S
CVE-2015-6679 Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2....
S
CVE-2015-6680 Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2015-6681 Adobe Shockwave Player before 12.2.0.162 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2015-6682 Use-after-free vulnerability in Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on W...
S
CVE-2015-6683 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6684 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6685 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-6686 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-6687 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6688 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6689 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6690 Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1....
S
CVE-2015-6691 Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6692 Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and...
S
CVE-2015-6693 The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11....
S
CVE-2015-6694 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-6695 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-6696 Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...
S
CVE-2015-6697 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-6698 Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10...
S
CVE-2015-6699 The addForegroundSprite function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11....
S
CVE-2015-6700 The setBackground function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...
S
CVE-2015-6701 The ambientIlluminationColor property implementation in Adobe Reader and Acrobat 10.x before 10.1.16...
S
CVE-2015-6702 The createSquareMesh function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.1...
S
CVE-2015-6703 The loadFlashMovie function in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,...
S
CVE-2015-6704 The animations property implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befo...
S
CVE-2015-6705 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-6706 Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC ...
S
CVE-2015-6707 The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...
S
CVE-2015-6708 The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, ...
S
CVE-2015-6709 The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acro...
S
CVE-2015-6710 The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acroba...
S
CVE-2015-6711 The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13,...
S
CVE-2015-6712 The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x be...
S
CVE-2015-6713 The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11....
S
CVE-2015-6714 The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11....
S
CVE-2015-6715 The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11...
S
CVE-2015-6716 The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before...
S
CVE-2015-6717 The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6718 The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x be...
S
CVE-2015-6719 The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before...
S
CVE-2015-6720 The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befor...
S
CVE-2015-6721 The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x bef...
S
CVE-2015-6722 The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x befor...
S
CVE-2015-6723 The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0....
S
CVE-2015-6724 The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13...
S
CVE-2015-6725 The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11....
S
CVE-2015-6727 The Special:DeletedContributions page in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x ...
CVE-2015-6728 The ApiBase::getWatchlistUser function in MediaWiki before 1.23.10, 1.24.x before 1.24.3, and 1.25.x...
CVE-2015-6729 Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.2...
CVE-2015-6730 Cross-site scripting (XSS) vulnerability in thumb.php in MediaWiki before 1.23.10, 1.24.x before 1.2...
CVE-2015-6731 Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki all...
CVE-2015-6732 Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki all...
CVE-2015-6733 GeSHi, as used in the SyntaxHighlight_GeSHi extension and MediaWiki before 1.23.10, 1.24.x before 1....
CVE-2015-6734 Cross-site scripting (XSS) vulnerability in contrib/cssgen.php in the GeSHi, as used in the SyntaxHi...
CVE-2015-6735 The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new trans...
CVE-2015-6736 The Quiz extension for MediaWiki allows remote attackers to cause a denial of service via regex meta...
CVE-2015-6737 Cross-site scripting (XSS) vulnerability in the Widgets extension for MediaWiki allows remote attack...
CVE-2015-6742 Basware Banking (Maksuliikenne) before 8.90.07.X uses a hardcoded password for the ANCO account, whi...
CVE-2015-6743 Basware Banking (Maksuliikenne) 8.90.07.X uses a hardcoded password for an unspecified account, whic...
CVE-2015-6744 Basware Banking (Maksuliikenne) before 8.90.07.X relies on the client to enforce (1) login verificat...
CVE-2015-6745 Basware Banking (Maksuliikenne) 8.90.07.X relies on the client to enforce account locking, which all...
CVE-2015-6746 Basware Banking (Maksuliikenne) before 8.90.07.X stores private keys in plaintext in the SQL databas...
CVE-2015-6747 Basware Banking (Maksuliikenne) 8.90.07.X does not properly prevent access to private keys, which al...
CVE-2015-6748 Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3....
S
CVE-2015-6749 Buffer overflow in the aiff_open function in oggenc/audio.c in vorbis-tools 1.4.0 and earlier allows...
E
CVE-2015-6750 Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitr...
E
CVE-2015-6751 Multiple cross-site scripting (XSS) vulnerabilities in the Time Tracker module 7.x-1.x before 7.x-1....
S
CVE-2015-6752 Cross-site scripting (XSS) vulnerability in the Search API Autocomplete module 7.x-1.x before 7.x-1....
S
CVE-2015-6753 Multiple cross-site scripting (XSS) vulnerabilities in the Quick Edit module 7.x-1.x before 7.x-1.2 ...
S
CVE-2015-6754 Cross-site scripting (XSS) vulnerability in the administration interface in the Path Breadcrumbs mod...
S
CVE-2015-6755 The ContainerNode::parserInsertBefore function in core/dom/ContainerNode.cpp in Blink, as used in Go...
CVE-2015-6756 Use-after-free vulnerability in the CPDFSDK_PageView implementation in fpdfsdk/src/fsdk_mgr.cpp in P...
CVE-2015-6757 Use-after-free vulnerability in content/browser/service_worker/embedded_worker_instance.cc in the Se...
CVE-2015-6758 The CPDF_Document::GetPage function in fpdfapi/fpdf_parser/fpdf_parser_document.cpp in PDFium, as us...
CVE-2015-6759 The shouldTreatAsUniqueOrigin function in platform/weborigin/SecurityOrigin.cpp in Blink, as used in...
CVE-2015-6760 The Image11::map function in renderer/d3d/d3d11/Image11.cpp in libANGLE, as used in Google Chrome be...
CVE-2015-6761 The update_dimensions function in libavcodec/vp8.c in FFmpeg through 2.8.1, as used in Google Chrome...
CVE-2015-6762 The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style S...
CVE-2015-6763 Multiple unspecified vulnerabilities in Google Chrome before 46.0.2490.71 allow attackers to cause a...
E
CVE-2015-6764 The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in...
CVE-2015-6765 Use-after-free vulnerability in content/browser/appcache/appcache_update_job.cc in Google Chrome bef...
CVE-2015-6766 Use-after-free vulnerability in the AppCache implementation in Google Chrome before 47.0.2526.73 all...
CVE-2015-6767 Use-after-free vulnerability in content/browser/appcache/appcache_dispatcher_host.cc in the AppCache...
CVE-2015-6768 The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Sa...
CVE-2015-6769 The provisional-load commit implementation in WebKit/Source/bindings/core/v8/WindowProxy.cpp in Goog...
CVE-2015-6770 The DOM implementation in Google Chrome before 47.0.2526.73 allows remote attackers to bypass the Sa...
CVE-2015-6771 js/array.js in Google V8, as used in Google Chrome before 47.0.2526.73, improperly implements certai...
CVE-2015-6772 The DOM implementation in Blink, as used in Google Chrome before 47.0.2526.73, does not prevent java...
CVE-2015-6773 The convolution implementation in Skia, as used in Google Chrome before 47.0.2526.73, does not prope...
CVE-2015-6774 Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.c...
CVE-2015-6775 fpdfsdk/src/jsapi/fxjs_v8.cpp in PDFium, as used in Google Chrome before 47.0.2526.73, does not use ...
CVE-2015-6776 The opj_dwt_decode_1* functions in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 47.0...
CVE-2015-6777 Use-after-free vulnerability in the ContainerNode::notifyNodeInsertedInternal function in WebKit/Sou...
CVE-2015-6778 The CJBig2_SymbolDict class in fxcodec/jbig2/JBig2_SymbolDict.cpp in PDFium, as used in Google Chrom...
CVE-2015-6779 PDFium, as used in Google Chrome before 47.0.2526.73, does not properly restrict use of chrome: URLs...
CVE-2015-6780 Use-after-free vulnerability in the Infobars implementation in Google Chrome before 47.0.2526.73 all...
CVE-2015-6781 Integer overflow in the FontData::Bound function in data/font_data.cc in Google sfntly, as used in G...
CVE-2015-6782 The Document::open function in WebKit/Source/core/dom/Document.cpp in Google Chrome before 47.0.2526...
CVE-2015-6783 The FindStartOffsetOfFileInZipFile function in crazy_linker_zip.cpp in crazy_linker (aka Crazy Linke...
CVE-2015-6784 The page serializer in Google Chrome before 47.0.2526.73 mishandles Mark of the Web (MOTW) comments ...
CVE-2015-6785 The CSPSource::hostMatches function in WebKit/Source/core/frame/csp/CSPSource.cpp in the Content Sec...
CVE-2015-6786 The CSPSourceList::matches function in WebKit/Source/core/frame/csp/CSPSourceList.cpp in the Content...
CVE-2015-6787 Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.73 allow attackers to cause a...
E
CVE-2015-6788 The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the ex...
CVE-2015-6789 Race condition in the MutationObserver implementation in Blink, as used in Google Chrome before 47.0...
CVE-2015-6790 The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl.cpp i...
CVE-2015-6791 Multiple unspecified vulnerabilities in Google Chrome before 47.0.2526.80 allow attackers to cause a...
CVE-2015-6792 The MIDI subsystem in Google Chrome before 47.0.2526.106 does not properly handle the sending of dat...
CVE-2015-6805 Cross-site scripting (XSS) vulnerability in the MDC Private Message plugin 1.0.0 for WordPress allow...
E
CVE-2015-6806 The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, w...
E
CVE-2015-6807 Cross-site scripting (XSS) vulnerability in the Mass Contact module 6.x-1.x before 6.x-1.6 and 7.x-1...
S
CVE-2015-6808 Cross-site scripting (XSS) vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for Drupal a...
S
CVE-2015-6809 Multiple cross-site scripting (XSS) vulnerabilities in BEdita before 3.6.0 allow remote attackers to...
E S
CVE-2015-6810 Cross-site scripting (XSS) vulnerability in Invision Power Services IPS Community Suite (aka Invisio...
E
CVE-2015-6811 SQL injection vulnerability in the Sophos Cyberoam CR500iNG-XP firewall appliance with CyberoamOS 10...
E
CVE-2015-6812 Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4...
CVE-2015-6815 The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process tran...
S
CVE-2015-6816 ganglia-web before 3.7.1 allows remote attackers to bypass authentication....
E S
CVE-2015-6817 PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login ...
S
CVE-2015-6818 The decode_ihdr_chunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce unique...
CVE-2015-6819 Multiple integer underflows in the ff_mjpeg_decode_frame function in libavcodec/mjpegdec.c in FFmpeg...
CVE-2015-6820 The ff_sbr_apply function in libavcodec/aacsbr.c in FFmpeg before 2.7.2 does not check for a matchin...
CVE-2015-6821 The ff_mpv_common_init function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly m...
CVE-2015-6822 The destroy_buffers function in libavcodec/sanm.c in FFmpeg before 2.7.2 does not properly maintain ...
CVE-2015-6823 The allocate_buffers function in libavcodec/alac.c in FFmpeg before 2.7.2 does not initialize certai...
CVE-2015-6824 The sws_init_context function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certa...
CVE-2015-6825 The ff_frame_thread_init function in libavcodec/pthread_frame.c in FFmpeg before 2.7.2 mishandles ce...
CVE-2015-6826 The ff_rv34_decode_init_thread_copy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not in...
CVE-2015-6827 Cross-site request forgery (CSRF) vulnerability in Auto-Exchanger 5.1.0 allows remote attackers to h...
E
CVE-2015-6828 The tweet_info function in class/__functions.php in the SecureMoz Security Audit plugin 1.0.5 and ea...
E
CVE-2015-6829 Multiple SQL injection vulnerabilities in the getip function in wp-limit-login-attempts.php in the W...
E
CVE-2015-6830 libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x ...
S
CVE-2015-6831 Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x ...
CVE-2015-6832 Use-after-free vulnerability in the SPL unserialize implementation in ext/spl/spl_array.c in PHP bef...
CVE-2015-6833 Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, a...
CVE-2015-6834 Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before ...
CVE-2015-6835 The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandl...
CVE-2015-6836 The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x...
CVE-2015-6837 The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5....
CVE-2015-6838 The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5....
CVE-2015-6839 The parse function in MSA vot.Ar 3.1 does not check whether a candidate receives more than one vote,...
CVE-2015-6843 Reviewer in EMC SourceOne Email Supervisor before 7.2 does not properly limit attempts to authentica...
CVE-2015-6844 Cross-site scripting (XSS) vulnerability in Reviewer in EMC SourceOne Email Supervisor before 7.2 al...
CVE-2015-6845 EMC SourceOne Email Supervisor before 7.2 does not properly employ random values for session IDs, wh...
CVE-2015-6846 EMC SourceOne Email Supervisor before 7.2 uses hardcoded encryption keys, which makes it easier for ...
CVE-2015-6847 The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE GU...
CVE-2015-6848 EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1, when the ...
CVE-2015-6849 EMC NetWorker before 8.0.4.5, 8.1.x before 8.1.3.6, 8.2.x before 8.2.2.2, and 9.0 before build 407 a...
CVE-2015-6850 EMC VPLEX GeoSynchrony 5.4 SP1 before P3 and 5.5 before Patch 1 has a default password for the root ...
CVE-2015-6851 EMC RSA SecurID Web Agent before 8.0 allows physically proximate attackers to bypass the privacy-scr...
CVE-2015-6852 Directory traversal vulnerability in the API in EMC Secure Remote Services Virtual Edition 3.x befor...
CVE-2015-6853 The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 CR13, ...
CVE-2015-6854 The non-Domino web agents in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3 C...
CVE-2015-6855 hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which all...
CVE-2015-6856 Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary ph...
E
CVE-2015-6857 Unspecified vulnerability in Virtual Table Server (VTS) in HP LoadRunner 11.52, 12.00, 12.01, 12.02,...
CVE-2015-6858 HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensi...
CVE-2015-6859 HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access r...
S
CVE-2015-6860 HPE Network Switches with software 15.16.x and 15.17.x allow local users to bypass intended access r...
S
CVE-2015-6861 HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated users to bypass an intended As...
CVE-2015-6862 HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass inte...
S
CVE-2015-6863 HPE ArcSight Logger before 6.1P1 allows remote attackers to execute arbitrary code via unspecified i...
S
CVE-2015-6864 HPE ArcSight Logger before 6.1P1 allows remote authenticated users to execute arbitrary code via uns...
S
CVE-2015-6865 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6866 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6867 The vertica-udx-zygote process in HP Vertica 7.1.1 UDx does not require authentication, which allows...
CVE-2015-6868 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6869 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6870 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6871 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6872 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6873 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6874 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6875 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6876 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6877 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6878 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6879 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6880 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6881 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6882 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6883 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6884 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6885 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6886 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6887 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6888 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6889 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6890 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6891 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6892 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6893 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6894 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6895 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6896 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6897 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6898 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6899 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6900 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6901 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6902 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6903 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6904 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6905 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6906 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6907 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2015-6908 The ber_get_next function in libraries/liblber/io.c in OpenLDAP 2.4.42 and earlier allows remote att...
E
CVE-2015-6909 Cross-site scripting (XSS) vulnerability in the "Create download task via file upload" feature in Sy...
E
CVE-2015-6910 SQL injection vulnerability in Synology Video Station before 1.5-0757 allows remote attackers to exe...
E
CVE-2015-6911 SQL injection vulnerability in Synology Video Station before 1.5-0763 allows remote attackers to exe...
E
CVE-2015-6912 Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell commands v...
E
CVE-2015-6913 Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in Synology D...
E
CVE-2015-6914 Absolute path traversal vulnerability in SiteFactory CMS 5.5.9 allows remote attackers to read arbit...
E
CVE-2015-6915 SQL injection vulnerability in Montala Limited ResourceSpace 7.3.7009 and earlier allows remote atta...
E
CVE-2015-6918 salt before 2015.5.5 leaks git usernames and passwords to the log....
S
CVE-2015-6919 Cross-site scripting (XSS) vulnerability in the googleSearch (CSE) (com_googlesearch_cse) component ...
E
CVE-2015-6920 Cross-site scripting (XSS) vulnerability in js/window.php in the sourceAFRICA plugin 0.1.3 for WordP...
E
CVE-2015-6921 Cross-site scripting (XSS) vulnerability in the Zendesk Feedback Tab module 7.x-1.x before 7.x-1.1 f...
S
CVE-2015-6922 Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0...
E
CVE-2015-6923 The ndvbs module in VBox Communications Satellite Express Protocol 2.3.17.3 allows local users to wr...
E
CVE-2015-6925 wolfSSL (formerly CyaSSL) before 3.6.8 allows remote attackers to cause a denial of service (resourc...
E
CVE-2015-6926 The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote atta...
M
CVE-2015-6927 vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/...
E S
CVE-2015-6928 classes/admin.class.php in CubeCart 5.2.12 through 5.2.16 and 6.x before 6.0.7 does not properly val...
E S
CVE-2015-6929 Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions and ...
E
CVE-2015-6931 Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 befo...
S
CVE-2015-6932 VMware vCenter Server 5.5 before u3 and 6.0 before u1 does not verify X.509 certificates from TLS LD...
CVE-2015-6933 The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, ...
S
CVE-2015-6934 Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize...
CVE-2015-6935 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6937 The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows loca...
S
CVE-2015-6938 Cross-site scripting (XSS) vulnerability in the file browser in notebook/notebookapp.py in IPython N...
E S
CVE-2015-6939 Cross-site scripting (XSS) vulnerability in the login module in Joomla! 3.4.x before 3.4.4 allows re...
E
CVE-2015-6940 The GetResource servlet in Pentaho Business Analytics (BA) Suite 4.5.x, 4.8.x, and 5.0.x through 5.2...
E S
CVE-2015-6941 win_useradd, salt-cloud and the Linode driver in salt 2015.5.x before 2015.5.6, and 2015.8.x before ...
S
CVE-2015-6942 Cross-site scripting (XSS) vulnerability in Coremail XT3.0 allows remote attackers to inject arbitra...
E
CVE-2015-6943 SQL injection vulnerability in the serendipity_checkCommentToken function in include/functions_comme...
E S
CVE-2015-6944 Cross-site request forgery (CSRF) vulnerability in JSP/MySQL Administrador Web 1 allows remote attac...
E
CVE-2015-6945 Cross-site scripting (XSS) vulnerability in JSP/MySQL Administrador Web 1 allows remote attackers to...
E
CVE-2015-6946 Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allo...
E
CVE-2015-6947 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-6946. Reason: This issue was...
R
CVE-2015-6948 Heap-based buffer overflow in the Microsoft Word document conversion feature in Corel WordPerfect al...
CVE-2015-6949 Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrar...
CVE-2015-6959 Cross-site scripting (XSS) vulnerability in Vindula 1.9....
CVE-2015-6960 edx-platform before 2015-09-17 allows XSS via a team name....
S
CVE-2015-6961 Open redirect vulnerability in gluon/tools.py in Web2py 2.9.11 allows remote attackers to redirect u...
S
CVE-2015-6962 SQL injection vulnerability in the web application in Farol allows remote attackers to execute arbit...
E
CVE-2015-6963 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6964 MultiBit HD before 0.1.2 allows attackers to conduct bit-flipping attacks that insert unspendable Bi...
E
CVE-2015-6965 Multiple cross-site request forgery (CSRF) vulnerabilities in the Contact Form Generator plugin 2.0....
E
CVE-2015-6966 Multiple cross-site request forgery (CSRF) vulnerabilities in Nibbleblog before 4.0.5 allow remote a...
E S
CVE-2015-6967 Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remo...
E
CVE-2015-6968 Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/fu...
E S
CVE-2015-6969 Cross-site scripting (XSS) vulnerability in js/2k11.min.js in the 2k11 theme in Serendipity before 2...
E S
CVE-2015-6970 The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmwar...
E
CVE-2015-6971 Lenovo System Update (formerly ThinkVantage System Update) before 5.07.0013 allows local users to su...
E
CVE-2015-6972 Multiple cross-site scripting (XSS) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow remote ...
E
CVE-2015-6973 Multiple cross-site request forgery (CSRF) vulnerabilities in Ignite Realtime Openfire 3.10.2 allow ...
E
CVE-2015-6974 IOHIDFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows attackers ...
CVE-2015-6975 CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attack...
S
CVE-2015-6976 FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr...
CVE-2015-6977 FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr...
CVE-2015-6978 FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr...
CVE-2015-6979 GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary code in a privileged context ...
CVE-2015-6980 Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which all...
CVE-2015-6981 WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6982 WebKit, as used in Apple iOS before 9.1, allows remote attackers to execute arbitrary code or cause ...
CVE-2015-6983 Double free vulnerability in Apple iOS before 9.1 and OS X before 10.11.1 allows attackers to write ...
CVE-2015-6984 libarchive in Apple OS X before 10.11.1 allows attackers to write to arbitrary files via a crafted a...
CVE-2015-6985 Apple Type Services (ATS) in Apple OS X before 10.11.1 allows remote attackers to execute arbitrary ...
CVE-2015-6986 com.apple.driver.AppleVXD393 in the Graphics Driver subsystem in Apple iOS before 9.1 allows attacke...
CVE-2015-6987 The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of ser...
CVE-2015-6988 The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data s...
CVE-2015-6989 Grand Central Dispatch in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows...
CVE-2015-6990 FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr...
CVE-2015-6991 FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr...
CVE-2015-6992 CoreText in Apple iOS before 9.1, OS X before 10.11.1, and iTunes before 12.3.1 allows remote attack...
S
CVE-2015-6993 FontParser in Apple iOS before 9.1 and OS X before 10.11.1 allows remote attackers to execute arbitr...
CVE-2015-6994 The kernel in Apple iOS before 9.1 and OS X before 10.11.1 mishandles reuse of virtual memory, which...
CVE-2015-6995 The Disk Images component in Apple iOS before 9.1 and OS X before 10.11.1 misparses images, which al...
CVE-2015-6996 IOAcceleratorFamily in Apple iOS before 9.1, OS X before 10.11.1, and watchOS before 2.0.1 allows at...
CVE-2015-6997 The X.509 certificate-trust implementation in Apple iOS before 9.1 does not recognize that the kSecR...
CVE-2015-6998 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2015-6999 The OCSP client in Apple iOS before 9.1 does not check for certificate expiry, which allows remote a...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.