Latest CVE Feed
-
5.0
MEDIUMCVE-2015-0699
SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563.... Read more
Affected Products : unified_communications_domain_manager- EPSS Score: %0.24
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2015-0698
Multiple cross-site scripting (XSS) vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID... Read more
Affected Products : web_security_appliance- EPSS Score: %0.26
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
5.8
MEDIUMCVE-2015-0697
Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing... Read more
Affected Products : telepresence_tc_software- EPSS Score: %0.21
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2015-0696
Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bu... Read more
Affected Products : telepresence_tc_software- EPSS Score: %0.26
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
7.2
HIGHCVE-2015-0693
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via a crafte... Read more
Affected Products : web_security_appliance- EPSS Score: %0.09
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2015-0345
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before Update 5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : coldfusion- EPSS Score: %3.16
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-3044
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.... Read more
- EPSS Score: %2.30
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3043
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as explo... Read more
Affected Products : linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus flash_player mac_os_x opensuse windows +9 more products- Actively Exploited
- EPSS Score: %86.04
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3042
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- EPSS Score: %51.90
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3041
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- EPSS Score: %4.16
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-3040
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via ... Read more
- EPSS Score: %0.76
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3039
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more
- EPSS Score: %8.70
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3038
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- EPSS Score: %10.40
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2015-2114
HP Support Solution Framework before 11.51.0049 allows remote attackers to download an arbitrary program onto a client machine and execute this program via unspecified vectors.... Read more
- EPSS Score: %0.36
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-2113
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote attackers ... Read more
- EPSS Score: %22.82
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
9.0
HIGHCVE-2015-2112
Unspecified vulnerability in HP Easy Deploy, as distributed standalone and in HP Easy Tools before 3.0.1.1650, on HP Thin Client t5540, t5740, and t5740e devices and HP Flexible Thin Client t510, t520, t610, t620, and t820 devices allows remote authentica... Read more
- EPSS Score: %0.48
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0360
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- EPSS Score: %4.16
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0359
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability th... Read more
- EPSS Score: %89.60
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0358
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more
- EPSS Score: %2.32
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-0357
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux does not properly restrict discovery of memory addresses, which allows attackers to bypass the ASLR protection mechanism via ... Read more
- EPSS Score: %0.66
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025