CVE-2015-9xxx
There are 547 CVE in this subgroup.
Last updated:
| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2015-9000 | In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine i... | S | |
| CVE-2015-9001 | In TrustZone an information exposure vulnerability can potentially occur in all Android releases fro... | S | |
| CVE-2015-9002 | In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in ... | S | |
| CVE-2015-9003 | In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the ... | S | |
| CVE-2015-9004 | kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local... | S | |
| CVE-2015-9005 | In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer ... | S | |
| CVE-2015-9006 | In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper... | S | |
| CVE-2015-9007 | In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability co... | S | |
| CVE-2015-9008 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9009 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9010 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9011 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9012 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9013 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9014 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9015 | An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Vers... | | |
| CVE-2015-9016 | In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a ... | S | |
| CVE-2015-9019 | In libxslt 1.1.29 and earlier, the EXSLT math.random function was not initialized with a random seed... | S | |
| CVE-2015-9020 | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerabil... | | |
| CVE-2015-9021 | In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabl... | | |
| CVE-2015-9022 | In all Android releases from CAF using the Linux kernel, time-of-check Time-of-use (TOCTOU) Race Con... | | |
| CVE-2015-9023 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in t... | | |
| CVE-2015-9024 | In all Android releases from CAF using the Linux kernel, some interfaces were improperly exposed to ... | | |
| CVE-2015-9025 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a... | | |
| CVE-2015-9026 | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerabil... | | |
| CVE-2015-9027 | In all Android releases from CAF using the Linux kernel, an untrusted pointer dereference vulnerabil... | | |
| CVE-2015-9028 | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a... | | |
| CVE-2015-9029 | In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access contro... | | |
| CVE-2015-9030 | In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypa... | | |
| CVE-2015-9031 | In all Android releases from CAF using the Linux kernel, a TZ memory address is exposed to HLOS by H... | | |
| CVE-2015-9032 | In all Android releases from CAF using the Linux kernel, a DRM key was exposed to QTEE applications.... | | |
| CVE-2015-9033 | In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a poin... | | |
| CVE-2015-9034 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to... | | |
| CVE-2015-9035 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fail... | | |
| CVE-2015-9036 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length ... | | |
| CVE-2015-9037 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read m... | | |
| CVE-2015-9038 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may b... | | |
| CVE-2015-9039 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9040 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9041 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu... | | |
| CVE-2015-9042 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu... | | |
| CVE-2015-9043 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can b... | | |
| CVE-2015-9044 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9045 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9046 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9047 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9048 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9049 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9050 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9051 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9052 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exis... | | |
| CVE-2015-9053 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu... | | |
| CVE-2015-9054 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can b... | | |
| CVE-2015-9055 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was pot... | | |
| CVE-2015-9056 | Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.... | | |
| CVE-2015-9057 | Multiple cross-site scripting (XSS) vulnerabilities in Proxmox Mail Gateway prior to hotfix 4.0-8-09... | E | |
| CVE-2015-9058 | Open redirect vulnerability in Proxmox Mail Gateway prior to hotfix 4.0-8-097d26a9 allows remote att... | E | |
| CVE-2015-9059 | picocom before 2.0 has a command injection vulnerability in the 'send and receive file' command beca... | S | |
| CVE-2015-9060 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not pro... | | |
| CVE-2015-9061 | In all Qualcomm products with Android releases from CAF using the Linux kernel, playReady DRM failed... | | |
| CVE-2015-9062 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow ... | | |
| CVE-2015-9063 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu... | | |
| CVE-2015-9064 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send IMEI... | | |
| CVE-2015-9065 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a UE can respond to ... | | |
| CVE-2015-9066 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vu... | | |
| CVE-2015-9067 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler... | | |
| CVE-2015-9068 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a min... | | |
| CVE-2015-9069 | In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File Syst... | | |
| CVE-2015-9070 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v... | | |
| CVE-2015-9071 | In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read v... | | |
| CVE-2015-9072 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer... | | |
| CVE-2015-9073 | In all Qualcomm products with Android releases from CAF using the Linux kernel, an untrusted pointer... | | |
| CVE-2015-9074 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9075 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9076 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9077 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9078 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9079 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9080 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9081 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9082 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9083 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9084 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9085 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9086 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9087 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9088 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9089 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9090 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9091 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9092 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9093 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9094 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9095 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9096 | Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT ... | E S | |
| CVE-2015-9097 | The mail gem before 2.5.5 for Ruby (aka A Really Ruby Mail Library) is vulnerable to SMTP command in... | E | |
| CVE-2015-9098 | In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated ac... | E | |
| CVE-2015-9099 | The lame_init_params function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to ca... | | |
| CVE-2015-9100 | The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.99.5 allows remote attackers t... | | |
| CVE-2015-9101 | The fill_buffer_resample function in util.c in libmp3lame.a in LAME 3.98.4, 3.98.2, 3.98, 3.99, 3.99... | E | |
| CVE-2015-9102 | Multiple cross-site scripting (XSS) vulnerabilities in Synology Photo Station 6.0 before 6.0-2638 an... | | |
| CVE-2015-9103 | Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier al... | | |
| CVE-2015-9104 | Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 bef... | | |
| CVE-2015-9105 | Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 before 1.2-0455, 1... | | |
| CVE-2015-9107 | Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the creden... | | |
| CVE-2015-9108 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9109 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9110 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9111 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9112 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9113 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9114 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9115 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9116 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9117 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9118 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, ... | | |
| CVE-2015-9119 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9120 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9121 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9122 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9123 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdrag... | | |
| CVE-2015-9124 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, ... | | |
| CVE-2015-9125 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9126 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9127 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9128 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9129 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9130 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9131 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, S... | | |
| CVE-2015-9132 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small... | | |
| CVE-2015-9133 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, S... | | |
| CVE-2015-9134 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12... | | |
| CVE-2015-9135 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9136 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9137 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9138 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9139 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9140 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdrag... | | |
| CVE-2015-9141 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9142 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, ... | | |
| CVE-2015-9143 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9144 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9145 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9146 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, ... | | |
| CVE-2015-9147 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, ... | | |
| CVE-2015-9148 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9149 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9150 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, ... | | |
| CVE-2015-9151 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, ... | | |
| CVE-2015-9152 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9153 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9154 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9155 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9156 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9157 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9158 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9159 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9160 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9161 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9162 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12... | | |
| CVE-2015-9163 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9164 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9165 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9166 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9167 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9168 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9169 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9170 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9171 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9172 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9173 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12... | | |
| CVE-2015-9174 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12... | | |
| CVE-2015-9175 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9176 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9177 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9178 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9179 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, ... | | |
| CVE-2015-9180 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9181 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9182 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9183 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12... | | |
| CVE-2015-9184 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9185 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9186 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9187 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9188 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9189 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9190 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9191 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9192 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9193 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9194 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD... | | |
| CVE-2015-9195 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, ... | | |
| CVE-2015-9196 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small... | | |
| CVE-2015-9197 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9198 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9199 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and S... | | |
| CVE-2015-9200 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9201 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9202 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9203 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9204 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9205 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9206 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9207 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9208 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9209 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9210 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9211 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9212 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9213 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9214 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9215 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, ... | | |
| CVE-2015-9216 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9217 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9218 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9219 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 an... | | |
| CVE-2015-9220 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | | |
| CVE-2015-9221 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, S... | | |
| CVE-2015-9222 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapd... | E | |
| CVE-2015-9223 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, ... | | |
| CVE-2015-9224 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snap... | | |
| CVE-2015-9225 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2015-9226 | Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute ar... | E | |
| CVE-2015-9227 | PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller/report_... | E | |
| CVE-2015-9228 | In post-new.php in the Photocrati NextGEN Gallery plugin 2.1.10 for WordPress, unrestricted file upl... | | |
| CVE-2015-9229 | In the nggallery-manage-gallery page in the Photocrati NextGEN Gallery plugin 2.1.15 for WordPress, ... | E | |
| CVE-2015-9230 | In the admin/db-backup-security/db-backup-security.php page in the BulletProof Security plugin befor... | E | |
| CVE-2015-9231 | iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords by reading DNS queries. A new ... | E | |
| CVE-2015-9232 | The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for its ... | E M | |
| CVE-2015-9233 | The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress ... | | |
| CVE-2015-9234 | The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress ... | | |
| CVE-2015-9235 | In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when ... | E S | |
| CVE-2015-9236 | Hapi versions less than 11.0.0 implement CORS incorrectly and allowed for configurations that at bes... | S | |
| CVE-2015-9238 | secure-compare 3.0.0 and below do not actually compare two strings properly. compare was actually co... | | |
| CVE-2015-9239 | ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user i... | E | |
| CVE-2015-9240 | Due to a bug in the the default sign in functionality in the keystone node module before 0.3.16, inc... | | |
| CVE-2015-9241 | Certain input passed into the If-Modified-Since or Last-Modified headers will cause an 'illegal acce... | E S | |
| CVE-2015-9242 | Certain input strings when passed to new Date() or Date.parse() in ecstatic node module before 1.4.0... | | |
| CVE-2015-9243 | When server level, connection level or route level CORS configurations in hapi node module before 11... | E | |
| CVE-2015-9244 | Keys of objects in mysql node module v2.0.0-alpha7 and earlier are not escaped with `mysql.escape()`... | E | |
| CVE-2015-9245 | Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows unauthenticated r... | | |
| CVE-2015-9246 | An issue was discovered in Skybox Platform before 7.5.201. Remote Unauthenticated Code Execution exi... | E | |
| CVE-2015-9247 | An issue was discovered in Skybox Platform before 7.5.401. Reflected cross-site scripting vulnerabil... | E | |
| CVE-2015-9248 | An issue was discovered in Skybox Platform before 7.5.201. Stored cross-site scripting vulnerabiliti... | E | |
| CVE-2015-9249 | An issue was discovered in Skybox Platform before 7.5.201. SQL Injection exists in /skyboxview/webse... | E | |
| CVE-2015-9250 | An issue was discovered in Skybox Platform before 7.5.201. Directory Traversal exists in /skyboxview... | E | |
| CVE-2015-9251 | jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax req... | S | |
| CVE-2015-9252 | An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFToken... | S | |
| CVE-2015-9253 | An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The ... | E S | |
| CVE-2015-9254 | Datto ALTO and SIRIS devices have a default VNC password.... | | |
| CVE-2015-9255 | Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information about data, soft... | | |
| CVE-2015-9256 | Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to de... | | |
| CVE-2015-9257 | BMC Remedy Action Request (AR) System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS.... | | |
| CVE-2015-9258 | In Docker Notary before 0.1, gotuf/signed/verify.go has a Signature Algorithm Not Matched to Key vul... | | |
| CVE-2015-9259 | In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry ... | | |
| CVE-2015-9260 | An issue was discovered in BEdita before 3.7.0. A cross-site scripting (XSS) attack occurs via a cra... | E | |
| CVE-2015-9261 | huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, ca... | E S | |
| CVE-2015-9262 | _XcursorThemeInherits in library.c in libXcursor before 1.1.15 allows remote attackers to cause deni... | S | |
| CVE-2015-9263 | An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (b... | E | |
| CVE-2015-9264 | Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the adminis... | | |
| CVE-2015-9265 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-14622. Reason: This candid... | R | |
| CVE-2015-9266 | Ubiquiti airOS HTTP(S) unauthenticated arbitrary file upload | E S | |
| CVE-2015-9267 | Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unp... | E S | |
| CVE-2015-9268 | Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dl... | E S | |
| CVE-2015-9269 | The export/content.php exportarticle feature in the wordpress-mobile-pack plugin before 2.1.3 2015-0... | E | |
| CVE-2015-9270 | XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPress via the thc-month paramete... | | |
| CVE-2015-9271 | The VideoWhisper videowhisper-video-conference-integration plugin 4.91.8 for WordPress allows remote... | E | |
| CVE-2015-9272 | The videowhisper-video-presentation plugin 3.31.17 for WordPress allows remote attackers to execute ... | E | |
| CVE-2015-9273 | The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for WordPress has XSS via an HTTP Ref... | | |
| CVE-2015-9274 | HarfBuzz before 1.0.4 allows remote attackers to cause a denial of service (invalid read of two byte... | S | |
| CVE-2015-9275 | ARC 5.21q allows directory traversal via a full pathname in an archive file.... | E S | |
| CVE-2015-9276 | SmarterTools SmarterMail before 13.3.5535 was vulnerable to stored XSS by bypassing the anti-XSS mec... | | |
| CVE-2015-9277 | MailEnable before 8.60 allows Directory Traversal for reading the messages of other users, uploading... | E | |
| CVE-2015-9278 | MailEnable before 8.60 allows Privilege Escalation because admin accounts could be created as a cons... | E | |
| CVE-2015-9279 | MailEnable before 8.60 allows Stored XSS via malformed use of " | E | |
| CVE-2015-9280 | MailEnable before 8.60 allows XXE via an XML document in the request.aspx Options parameter.... | E | |
| CVE-2015-9281 | Logon Manager in SAS Web Infrastructure Platform before 9.4M3 allows reflected XSS on the Timeout pa... | S | |
| CVE-2015-9282 | The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable to XSS via legend data or to... | E S | |
| CVE-2015-9284 | The request phase of the OmniAuth Ruby gem (1.9.1 and earlier) is vulnerable to Cross-Site Request F... | S | |
| CVE-2015-9285 | esoTalk 1.0.0g4 has XSS via the PATH_INFO to the conversations/ URI.... | E | |
| CVE-2015-9286 | Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.... | E S | |
| CVE-2015-9287 | Directory Traversal was discovered in University of Cambridge mod_ucam_webauth before 2.0.2. The key... | | |
| CVE-2015-9288 | The Unity Web Player plugin before 4.6.6f2 and 5.x before 5.0.3f2 allows attackers to read messages ... | | |
| CVE-2015-9289 | In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers... | S | |
| CVE-2015-9290 | In FreeType before 2.6.1, a buffer over-read occurs in type1/t1parse.c on function T1_Get_Private_Di... | E S | |
| CVE-2015-9291 | cPanel before 11.52.0.13 does not prevent arbitrary file-read operations via get_information_for_app... | | |
| CVE-2015-9292 | 6kbbs 7.1 and 8.0 allows CSRF via portalchannel_ajax.php (id or code parameter) or admin.php (fileid... | E | |
| CVE-2015-9293 | The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock requ... | | |
| CVE-2015-9294 | The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg a... | | |
| CVE-2015-9295 | The contact-form-plugin plugin before 3.96 for WordPress has XSS.... | | |
| CVE-2015-9296 | The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg.... | | |
| CVE-2015-9297 | The events-manager plugin before 5.6 for WordPress has XSS.... | | |
| CVE-2015-9298 | The events-manager plugin before 5.6 for WordPress has code injection.... | | |
| CVE-2015-9299 | The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.... | | |
| CVE-2015-9300 | The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues.... | | |
| CVE-2015-9301 | The liveforms plugin before 3.2.0 for WordPress has SQL injection.... | | |
| CVE-2015-9302 | The simple-fields plugin before 1.4.11 for WordPress has XSS.... | | |
| CVE-2015-9303 | The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS.... | | |
| CVE-2015-9304 | The ultimate-member plugin before 1.3.18 for WordPress has XSS via text input.... | | |
| CVE-2015-9305 | The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() an... | | |
| CVE-2015-9306 | The wp-ultimate-csv-importer plugin before 3.8.1 for WordPress has XSS.... | | |
| CVE-2015-9307 | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location featur... | | |
| CVE-2015-9308 | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.... | | |
| CVE-2015-9309 | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category featur... | | |
| CVE-2015-9310 | The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection... | | |
| CVE-2015-9311 | The newstatpress plugin before 1.0.6 for WordPress has reflected XSS.... | | |
| CVE-2015-9312 | The newstatpress plugin before 1.0.5 for WordPress has XSS related to an IMG element.... | | |
| CVE-2015-9313 | The newstatpress plugin before 1.0.5 for WordPress has SQL injection related to an IMG element.... | | |
| CVE-2015-9314 | The newstatpress plugin before 1.0.4 for WordPress has XSS related to the Referer header.... | | |
| CVE-2015-9315 | The newstatpress plugin before 1.0.1 for WordPress has SQL injection.... | | |
| CVE-2015-9316 | The wp-fastest-cache plugin before 0.8.4.9 for WordPress has SQL injection in wp-admin/admin-ajax.ph... | E | |
| CVE-2015-9317 | The awesome-support plugin before 3.1.7 for WordPress has XSS via custom information messages.... | | |
| CVE-2015-9318 | The awesome-support plugin before 3.1.7 for WordPress has a security issue in which shortcodes are a... | | |
| CVE-2015-9319 | The gregs-high-performance-seo plugin before 1.6.2 for WordPress has XSS in the context of an old br... | | |
| CVE-2015-9320 | The option-tree plugin before 2.5.4 for WordPress has XSS related to add_query_arg.... | | |
| CVE-2015-9321 | The shortcode-factory plugin before 1.1.1 for WordPress has XSS via add_query_arg.... | | |
| CVE-2015-9322 | The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF.... | | |
| CVE-2015-9323 | The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.... | E | |
| CVE-2015-9324 | The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection.... | | |
| CVE-2015-9325 | The visitors-online plugin before 0.4 for WordPress has SQL injection.... | | |
| CVE-2015-9326 | The wp-business-intelligence-lite plugin before 1.6.3 for WordPress has SQL injection.... | | |
| CVE-2015-9327 | The flickr-justified-gallery plugin before 3.4.0 for WordPress has XSS.... | | |
| CVE-2015-9328 | The profile-builder plugin before 2.2.5 for WordPress has XSS.... | | |
| CVE-2015-9329 | The wp-all-import plugin before 3.2.5 for WordPress has reflected XSS.... | | |
| CVE-2015-9330 | The wp-all-import plugin before 3.2.5 for WordPress has blind SQL injection.... | | |
| CVE-2015-9331 | The wp-all-import plugin before 3.2.4 for WordPress has no prevention of unauthenticated requests to... | | |
| CVE-2015-9332 | The uninstall plugin before 1.2 for WordPress has CSRF to delete all tables via the wp-admin/admin-a... | | |
| CVE-2015-9333 | The cforms2 plugin before 14.6.10 for WordPress has SQL injection.... | | |
| CVE-2015-9334 | The email-newsletter plugin through 20.15 for WordPress has SQL injection.... | | |
| CVE-2015-9335 | The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling.... | | |
| CVE-2015-9336 | The clean-login plugin before 1.5.1 for WordPress has reflected XSS.... | | |
| CVE-2015-9337 | The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deacti... | | |
| CVE-2015-9338 | The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php... | | |
| CVE-2015-9339 | The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js ... | | |
| CVE-2015-9340 | The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php,... | | |
| CVE-2015-9341 | The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php... | | |
| CVE-2015-9342 | The wp-rollback plugin before 1.2.3 for WordPress has XSS.... | | |
| CVE-2015-9343 | The wp-rollback plugin before 1.2.3 for WordPress has CSRF.... | | |
| CVE-2015-9344 | The link-log plugin before 2.1 for WordPress has SQL injection.... | | |
| CVE-2015-9345 | The link-log plugin before 2.0 for WordPress has HTTP Response Splitting.... | | |
| CVE-2015-9346 | The cp-polls plugin before 1.0.5 for WordPress has XSS.... | | |
| CVE-2015-9347 | The wp-plotly plugin before 1.0.3 for WordPress has XSS by authors.... | | |
| CVE-2015-9348 | The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force gu... | | |
| CVE-2015-9349 | The ckeditor-for-wordpress plugin before 4.5.3.1 for WordPress has reflected XSS in the "built-in (o... | | |
| CVE-2015-9350 | The feed-them-social plugin before 1.7.0 for WordPress has reflected XSS in the Facebook Feeds load ... | | |
| CVE-2015-9351 | The feed-them-social plugin before 1.7.0 for WordPress has possible shortcode execution in the Faceb... | | |
| CVE-2015-9352 | The wp-polls plugin before 2.72 for WordPress has SQL injection.... | | |
| CVE-2015-9353 | The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vul... | | |
| CVE-2015-9354 | The gigpress plugin before 2.3.11 for WordPress has XSS.... | | |
| CVE-2015-9355 | The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area.... | | |
| CVE-2015-9356 | The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg()... | | |
| CVE-2015-9357 | The akismet plugin before 3.1.5 for WordPress has XSS.... | | |
| CVE-2015-9358 | The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query... | | |
| CVE-2015-9359 | The Jetpack plugin before 3.4.3 for WordPress has XSS via add_query_arg() and remove_query_arg().... | | |
| CVE-2015-9360 | The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg(... | | |
| CVE-2015-9361 | The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg... | | |
| CVE-2015-9362 | The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_ar... | | |
| CVE-2015-9363 | iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().... | S | |
| CVE-2015-9364 | 2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and rem... | S | |
| CVE-2015-9365 | Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and... | S | |
| CVE-2015-9366 | Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg... | S | |
| CVE-2015-9367 | Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_que... | S | |
| CVE-2015-9368 | Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via a... | S | |
| CVE-2015-9369 | Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg... | S | |
| CVE-2015-9370 | Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remo... | | |
| CVE-2015-9371 | Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() ... | | |
| CVE-2015-9372 | Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and re... | | |
| CVE-2015-9373 | PayPal Pro Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and re... | | |
| CVE-2015-9374 | Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove... | | |
| CVE-2015-9375 | Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg... | | |
| CVE-2015-9376 | iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg().... | | |
| CVE-2015-9377 | iThemes Builder Theme Depot before 5.0.30 for WordPress has XSS via add_query_arg() and remove_query... | | |
| CVE-2015-9378 | iThemes Builder Theme Market before 5.1.27 for WordPress has XSS via add_query_arg() and remove_quer... | | |
| CVE-2015-9379 | iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_quer... | | |
| CVE-2015-9380 | The photo-gallery plugin before 1.2.42 for WordPress has CSRF.... | | |
| CVE-2015-9381 | FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.... | E S | |
| CVE-2015-9382 | FreeType before 2.6.1 has a buffer over-read in skip_comment in psaux/psobjs.c because ps_parser_ski... | E S | |
| CVE-2015-9383 | FreeType before 2.6.2 has a heap-based buffer over-read in tt_cmap14_validate in sfnt/ttcmap.c.... | E S | |
| CVE-2015-9384 | The relevant plugin before 1.0.8 for WordPress has XSS.... | | |
| CVE-2015-9385 | The quotes-and-tips plugin before 1.20 for WordPress has XSS.... | | |
| CVE-2015-9386 | The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manag... | E | |
| CVE-2015-9387 | The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/options-general.php CSRF.... | E | |
| CVE-2015-9388 | The mtouch-quiz plugin before 3.1.3 for WordPress has wp-admin/edit.php CSRF with resultant XSS.... | E | |
| CVE-2015-9389 | The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via a quiz name.... | E | |
| CVE-2015-9390 | The admin-management-xtended plugin before 2.4.0.1 for WordPress has privilege escalation because wp... | E | |
| CVE-2015-9391 | The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter.... | | |
| CVE-2015-9392 | The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_name parameter.... | E | |
| CVE-2015-9393 | The users-ultra plugin before 1.5.63 for WordPress has XSS via the p_desc parameter.... | | |
| CVE-2015-9394 | The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/a... | | |
| CVE-2015-9395 | The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.... | | |
| CVE-2015-9396 | The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/do... | | |
| CVE-2015-9397 | The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS.... | E | |
| CVE-2015-9398 | The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.... | E | |
| CVE-2015-9399 | The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injecti... | | |
| CVE-2015-9400 | The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL inject... | E | |
| CVE-2015-9401 | The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS.... | E | |
| CVE-2015-9402 | The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file uplo... | | |
| CVE-2015-9403 | The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS.... | E | |
| CVE-2015-9404 | The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS.... | E | |
| CVE-2015-9405 | The wp-piwik plugin before 1.0.5 for WordPress has XSS.... | S | |
| CVE-2015-9406 | Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attack... | E | |
| CVE-2015-9407 | The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS.... | E | |
| CVE-2015-9408 | The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resulta... | E | |
| CVE-2015-9409 | The alo-easymail plugin before 2.6.01 for WordPress has CSRF with resultant XSS in pages/alo-easymai... | E | |
| CVE-2015-9410 | The Blubrry PowerPress Podcasting plugin 6.0.4 for WordPress has XSS via the tab parameter.... | E | |
| CVE-2015-9411 | The Postmatic plugin before 1.4.6 for WordPress has XSS.... | | |
| CVE-2015-9412 | The Royal-Slider plugin before 3.2.7 for WordPress has XSS via the rstype parameter.... | E | |
| CVE-2015-9413 | The eshop plugin through 6.3.13 for WordPress has CSRF with resultant XSS via the wp-admin/admin.php... | E | |
| CVE-2015-9414 | The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium... | E | |
| CVE-2015-9415 | The bj-lazy-load plugin before 1.0 for WordPress has Remote File Inclusion.... | E | |
| CVE-2015-9416 | The sitepress-multilingual-cms (WPML) plugin 2.9.3 to 3.2.6 for WordPress has XSS via the Accept-Lan... | E | |
| CVE-2015-9417 | The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS.... | E | |
| CVE-2015-9418 | The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes.... | E | |
| CVE-2015-9419 | The captain-slider plugin 1.0.6 for WordPress has XSS via a Title or Caption section.... | E | |
| CVE-2015-9420 | The soundcloud-is-gold plugin before 2.3.2 for WordPress has XSS via the wp-admin/admin-ajax.php?act... | E | |
| CVE-2015-9421 | The olevmedia-shortcodes plugin before 1.1.9 for WordPress has CSRF with resultant XSS via the wp-ad... | E | |
| CVE-2015-9422 | The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has CSRF with resultant XSS via wp-a... | E | |
| CVE-2015-9423 | The PlugNedit Adaptive Editor plugin before 6.2.0 for WordPress has XSS via wp-admin/admin-ajax.php?... | E | |
| CVE-2015-9424 | The multicons plugin before 3.0 for WordPress has CSRF with resultant XSS via the wp-admin/options-g... | E | |
| CVE-2015-9425 | The social-locker plugin before 4.2.5 for WordPress has CSRF with resultant XSS via the wp-admin/edi... | E | |
| CVE-2015-9426 | The manual-image-crop plugin before 1.11 for WordPress has CSRF with resultant XSS via the wp-admin/... | E | |
| CVE-2015-9427 | The googmonify plugin through 0.5.1 for WordPress has CSRF with resultant XSS via the wp-admin/optio... | E | |
| CVE-2015-9428 | The wplegalpages plugin before 1.1 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?... | E | |
| CVE-2015-9429 | The yith-maintenance-mode plugin before 1.2.0 for WordPress has CSRF with resultant XSS via the wp-a... | E | |
| CVE-2015-9430 | The crazy-bone plugin before 0.6.0 for WordPress has XSS via the User-Agent HTTP header.... | E | |
| CVE-2015-9431 | The qtranslate-x plugin before 3.4.4 for WordPress has CSRF with resultant XSS via the wp-admin/opti... | E | |
| CVE-2015-9432 | The alpine-photo-tile-for-instagram plugin before 1.2.7.6 for WordPress has CSRF with resultant XSS ... | E | |
| CVE-2015-9433 | The wp-social-bookmarking-light plugin before 1.7.10 for WordPress has CSRF with resultant XSS via c... | E | |
| CVE-2015-9434 | The kiwi-logo-carousel plugin before 1.7.2 for WordPress has CSRF with resultant XSS via the wp-admi... | E | |
| CVE-2015-9435 | The oauth2-provider plugin before 3.1.5 for WordPress has incorrect generation of random numbers.... | | |
| CVE-2015-9436 | The dynamic-widgets plugin before 1.5.11 for WordPress has XSS via the wp-admin/admin-ajax.php?actio... | E | |
| CVE-2015-9437 | The dynamic-widgets plugin before 1.5.11 for WordPress has CSRF with resultant XSS via the wp-admin/... | E | |
| CVE-2015-9438 | The display-widgets plugin before 2.04 for WordPress has XSS via the wp-admin/admin-ajax.php?action=... | E | |
| CVE-2015-9439 | The addthis plugin before 5.0.13 for WordPress has CSRF with resultant XSS via the wp-admin/options-... | | |
| CVE-2015-9440 | The monetize plugin through 1.03 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?pa... | E | |
| CVE-2015-9441 | The bookmarkify plugin 2.9.2 for WordPress has CSRF with resultant XSS via wp-admin/options-general.... | E | |
| CVE-2015-9442 | The avenirsoft-directdownload plugin 1.0 for WordPress has CSRF with resultant XSS via wp-admin/admi... | E | |
| CVE-2015-9443 | The accurate-form-data-real-time-form-validation plugin 1.2 for WordPress has CSRF with resultant XS... | E | |
| CVE-2015-9444 | The altos-connect plugin 1.3.0 for WordPress has XSS via the wp-content/plugins/altos-connect/jquery... | E | |
| CVE-2015-9445 | The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin... | E | |
| CVE-2015-9446 | The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-a... | E | |
| CVE-2015-9447 | The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin... | E | |
| CVE-2015-9448 | The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-q... | E | |
| CVE-2015-9449 | The microblog-poster plugin before 1.6.2 for WordPress has SQL Injection via the wp-admin/options-ge... | E | |
| CVE-2015-9450 | The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the w... | | |
| CVE-2015-9451 | The plugmatter-optin-feature-box-lite plugin before 2.0.14 for WordPress has SQL injection via the w... | E | |
| CVE-2015-9452 | The nex-forms-express-wp-form-builder plugin before 4.6.1 for WordPress has SQL injection via the wp... | E | |
| CVE-2015-9453 | The broken-link-manager plugin before 0.6.0 for WordPress has XSS via the HTTP Referer or User-Agent... | E | |
| CVE-2015-9454 | The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=... | E | |
| CVE-2015-9455 | The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory tra... | | |
| CVE-2015-9456 | The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for ... | E | |
| CVE-2015-9457 | The pretty-link plugin before 1.6.8 for WordPress has PrliLinksController::list_links SQL injection ... | E | |
| CVE-2015-9458 | The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_ge... | E | |
| CVE-2015-9459 | The searchterms-tagging-2 plugin through 1.535 for WordPress has XSS via the wp-admin/options-genera... | E | |
| CVE-2015-9460 | The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injecti... | E | |
| CVE-2015-9461 | The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page... | E | |
| CVE-2015-9462 | The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL i... | E | |
| CVE-2015-9463 | The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adve... | E | |
| CVE-2015-9464 | The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal vi... | E | |
| CVE-2015-9465 | The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_fie... | E | |
| CVE-2015-9466 | The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the... | E | |
| CVE-2015-9467 | The broken-link-manager plugin before 0.5.0 for WordPress has wpslDelURL or wpslEditURL SQL injectio... | E | |
| CVE-2015-9468 | The broken-link-manager plugin 0.4.5 for WordPress has XSS via the page parameter in a delURL action... | | |
| CVE-2015-9469 | The content-grabber plugin 1.0 for WordPress has XSS via obj_field_name or obj_field_id.... | E | |
| CVE-2015-9470 | The history-collection plugin through 1.1.1 for WordPress has directory traversal via the download.p... | E | |
| CVE-2015-9471 | The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file upload.... | | |
| CVE-2015-9472 | The incoming-links plugin before 0.9.10b for WordPress has referrers.php XSS via the Referer HTTP he... | S | |
| CVE-2015-9473 | The estrutura-basica theme through 2015-09-13 for WordPress has directory traversal via the scripts/... | E | |
| CVE-2015-9474 | The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.... | E | |
| CVE-2015-9475 | The Pont theme 1.5 for WordPress has insufficient restrictions on option updates.... | E | |
| CVE-2015-9476 | The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates.... | | |
| CVE-2015-9477 | The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates.... | | |
| CVE-2015-9478 | prettyPhoto before 3.1.6 has js/jquery.prettyPhoto.js XSS.... | | |
| CVE-2015-9479 | The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an ac... | E | |
| CVE-2015-9480 | The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter.... | E | |
| CVE-2015-9481 | The ThemeMakers Diplomat | Political theme through 2015-05-15 for WordPress allows remote attackers ... | E | |
| CVE-2015-9482 | The ThemeMakers Car Dealer / Auto Dealer Responsive theme through 2015-05-15 for WordPress allows re... | E | |
| CVE-2015-9483 | The ThemeMakers Invento Responsive Gallery/Architecture Template component through 2015-05-15 for Wo... | E | |
| CVE-2015-9484 | The ThemeMakers Accio One Page Parallax Responsive theme through 2015-05-15 for WordPress allows rem... | E | |
| CVE-2015-9485 | The ThemeMakers Accio Responsive Parallax One Page Site Template component through 2015-05-15 for Wo... | E | |
| CVE-2015-9486 | The ThemeMakers Axioma Premium Responsive theme through 2015-05-15 for WordPress allows remote attac... | E | |
| CVE-2015-9487 | The ThemeMakers Almera Responsive Portfolio theme through 2015-05-15 for WordPress allows remote att... | E | |
| CVE-2015-9488 | The ThemeMakers Almera Responsive Portfolio Site Template component through 2015-05-15 for WordPress... | E | |
| CVE-2015-9489 | The ThemeMakers Goodnex Premium Responsive theme through 2015-05-15 for WordPress allows remote atta... | E | |
| CVE-2015-9490 | The ThemeMakers GamesTheme Premium theme through 2015-05-15 for WordPress allows remote attackers to... | E | |
| CVE-2015-9491 | The ThemeMakers Blessing Premium Responsive theme through 2015-05-15 for WordPress allows remote att... | E | |
| CVE-2015-9492 | The ThemeMakers SmartIT Premium Responsive theme through 2015-05-15 for WordPress allows remote atta... | E | |
| CVE-2015-9493 | The my-wish-list plugin before 1.4.2 for WordPress has multiple XSS issues.... | | |
| CVE-2015-9494 | The indieweb-post-kinds plugin before 1.3.1.1 for WordPress has XSS via the genericons/example.html ... | E | |
| CVE-2015-9495 | The syndication-links plugin before 1.0.3 for WordPress has XSS via the genericons/example.html anch... | E | |
| CVE-2015-9496 | The freshmail-newsletter plugin before 1.6 for WordPress has shortcode.php SQL Injection via the 'FM... | E | |
| CVE-2015-9497 | The ad-inserter plugin before 1.5.3 for WordPress has CSRF with resultant XSS via wp-admin/options-g... | E | |
| CVE-2015-9498 | The wps-hide-login plugin before 1.1 for WordPress has CSRF that affects saving an option value.... | | |
| CVE-2015-9499 | The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file w... | E | |
| CVE-2015-9500 | The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via the anchor identifier to asse... | E | |
| CVE-2015-9501 | The Artificial Intelligence theme before 1.2.4 for WordPress has XSS because Genericons HTML files a... | S | |
| CVE-2015-9502 | The Auberge theme before 1.4.5 for WordPress has XSS via the genericons/example.html anchor identifi... | | |
| CVE-2015-9503 | The Modern theme before 1.4.2 for WordPress has XSS via the genericons/example.html anchor identifie... | | |
| CVE-2015-9504 | The weeklynews theme before 2.2.9 for WordPress has XSS via the s parameter.... | E | |
| CVE-2015-9505 | The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x befor... | | |
| CVE-2015-9506 | The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as used with EDD 1.8.x before 1.... | | |
| CVE-2015-9507 | The Easy Digital Downloads (EDD) Attach Accounts to Orders extension for WordPress, as used with EDD... | | |
| CVE-2015-9508 | The Easy Digital Downloads (EDD) Commissions extension for WordPress, as used with EDD 1.8.x before ... | | |
| CVE-2015-9509 | The Easy Digital Downloads (EDD) Content Restriction extension for WordPress, as used with EDD 1.8.x... | | |
| CVE-2015-9510 | The Easy Digital Downloads (EDD) Cross-sell Upsell extension for WordPress, as used with EDD 1.8.x b... | | |
| CVE-2015-9511 | The Easy Digital Downloads (EDD) Conditional Success Redirects extension for WordPress, as used with... | | |
| CVE-2015-9512 | The Easy Digital Downloads (EDD) CSV Manager extension for WordPress, as used with EDD 1.8.x before ... | | |
| CVE-2015-9513 | The Easy Digital Downloads (EDD) Favorites extension for WordPress, as used with EDD 1.8.x before 1.... | | |
| CVE-2015-9514 | The Easy Digital Downloads (EDD) Free Downloads extension for WordPress, as used with EDD 1.8.x befo... | | |
| CVE-2015-9515 | The Easy Digital Downloads (EDD) htaccess Editor extension for WordPress, as used with EDD 1.8.x bef... | | |
| CVE-2015-9516 | The Easy Digital Downloads (EDD) Invoices extension for WordPress, as used with EDD 1.8.x before 1.8... | | |
| CVE-2015-9517 | The Easy Digital Downloads (EDD) Manual Purchases extension for WordPress, as used with EDD 1.8.x be... | | |
| CVE-2015-9518 | The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, as used with EDD 1.8.x before... | | |
| CVE-2015-9519 | The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, as used with EDD 1.8.x before ... | | |
| CVE-2015-9520 | The Easy Digital Downloads (EDD) Per Product Emails extension for WordPress, as used with EDD 1.8.x ... | | |
| CVE-2015-9521 | The Easy Digital Downloads (EDD) Pushover Notifications extension for WordPress, as used with EDD 1.... | | |
| CVE-2015-9522 | The Easy Digital Downloads (EDD) QR Code extension for WordPress, as used with EDD 1.8.x before 1.8.... | | |
| CVE-2015-9523 | The Easy Digital Downloads (EDD) Recommended Products extension for WordPress, as used with EDD 1.8.... | | |
| CVE-2015-9524 | The Easy Digital Downloads (EDD) Recount Earnings extension for WordPress, as used with EDD 1.8.x be... | | |
| CVE-2015-9525 | The Easy Digital Downloads (EDD) Recurring Payments extension for WordPress, as used with EDD 1.8.x ... | | |
| CVE-2015-9526 | The Easy Digital Downloads (EDD) Reviews extension for WordPress, as used with EDD 1.8.x before 1.8.... | | |
| CVE-2015-9527 | The Easy Digital Downloads (EDD) Simple Shipping extension for WordPress, as used with EDD 1.8.x bef... | | |
| CVE-2015-9528 | The Easy Digital Downloads (EDD) Software Licensing extension for WordPress, as used with EDD 1.8.x ... | | |
| CVE-2015-9529 | The Easy Digital Downloads (EDD) Stripe extension for WordPress, as used with EDD 1.8.x before 1.8.7... | | |
| CVE-2015-9530 | The Easy Digital Downloads (EDD) Upload File extension for WordPress, as used with EDD 1.8.x before ... | | |
| CVE-2015-9531 | The Easy Digital Downloads (EDD) Wish Lists extension for WordPress, as used with EDD 1.8.x before 1... | | |
| CVE-2015-9532 | The Easy Digital Downloads (EDD) Digital Store theme for WordPress, as used with EDD 1.8.x before 1.... | | |
| CVE-2015-9533 | The Easy Digital Downloads (EDD) Lattice theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1... | | |
| CVE-2015-9534 | The Easy Digital Downloads (EDD) Quota theme for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9... | | |
| CVE-2015-9535 | The Easy Digital Downloads (EDD) Shoppette theme for WordPress, as used with EDD 1.8.x before 1.8.7,... | | |
| CVE-2015-9536 | The Easy Digital Downloads (EDD) Twenty-Twelve theme for WordPress, as used with EDD 1.8.x before 1.... | | |
| CVE-2015-9537 | The NextGEN Gallery plugin before 2.1.10 for WordPress has multiple XSS issues involving thumbnail_w... | E S | |
| CVE-2015-9538 | The NextGEN Gallery plugin before 2.1.15 for WordPress allows ../ Directory Traversal in path select... | E | |
| CVE-2015-9539 | The Fast Secure Contact Form plugin before 4.0.38 for WordPress allows fs_contact_form1[welcome] XSS... | E | |
| CVE-2015-9540 | Chamilo LMS through 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-... | E S | |
| CVE-2015-9541 | Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is... | | |
| CVE-2015-9542 | add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the inp... | S | |
| CVE-2015-9543 | An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0.... | S | |
| CVE-2015-9544 | An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalSto... | E S | |
| CVE-2015-9545 | An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalSto... | E S | |
| CVE-2015-9546 | An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-06-16... | | |
| CVE-2015-9547 | An issue was discovered on Samsung mobile devices with JBP(4.3) and KK(4.4.2) software. Because the ... | | |
| CVE-2015-9548 | An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of ... | | |
| CVE-2015-9549 | A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_... | E | |
| CVE-2015-9550 | An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B201... | E | |
| CVE-2015-9551 | An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B201... | E |