Latest CVE Feed
-
4.0
MEDIUMCVE-2015-0423
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
4.0
MEDIUMCVE-2015-0405
Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-3319
Hotspot Express hotEx Billing Manager 73 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.... Read more
Affected Products : hotex_billing_manager- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2015-1822
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly ... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
6.5
MEDIUMCVE-2015-1821
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by ... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
7.5
HIGHCVE-2013-7439
Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow.... Read more
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
7.2
HIGHCVE-2015-1898
Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1897.... Read more
Affected Products : tivoli_storage_manager_fastback- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
7.2
HIGHCVE-2015-1897
Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1898.... Read more
Affected Products : tivoli_storage_manager_fastback- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
6.8
MEDIUMCVE-2015-0907
Buffer overflow in Lhaplus before 1.70 allows remote attackers to execute arbitrary code via a crafted archive.... Read more
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
5.8
MEDIUMCVE-2015-0906
Directory traversal vulnerability in Lhaplus before 1.70 allows remote attackers to write to arbitrary files via a crafted archive.... Read more
- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-0699
SQL injection vulnerability in the Interactive Voice Response (IVR) component in Cisco Unified Communications Manager (UCM) 10.5(1.98991.13) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCut21563.... Read more
Affected Products : unified_communications_domain_manager- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2015-0698
Multiple cross-site scripting (XSS) vulnerabilities in filter search forms in admin web pages on Cisco Web Security Appliance (WSA) devices with software 8.5.0-497 allow remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID... Read more
Affected Products : web_security_appliance- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
5.8
MEDIUMCVE-2015-0697
Open redirect vulnerability in the login page in Cisco TC Software before 6.3-26 and 7.x before 7.3.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to redirect users to arbitrary web sites and conduct phishing... Read more
Affected Products : telepresence_tc_software- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2015-0696
Cross-site scripting (XSS) vulnerability in the login page in Cisco TC Software before 7.1.0 on Cisco TelePresence Collaboration Desk and Room Endpoints devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bu... Read more
Affected Products : telepresence_tc_software- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
7.2
HIGHCVE-2015-0693
Cisco Web Security Appliance (WSA) devices with software 8.5.0-ise-147 do not properly restrict use of the pickle Python module during certain tunnel-status checks, which allows local users to execute arbitrary Python code and gain privileges via a crafte... Read more
Affected Products : web_security_appliance- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
4.3
MEDIUMCVE-2015-0345
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 16 and 11 before Update 5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more
Affected Products : coldfusion- Published: Apr. 15, 2015
- Modified: Apr. 12, 2025
-
5.0
MEDIUMCVE-2015-3044
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.... Read more
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3043
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as explo... Read more
Affected Products : linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus flash_player mac_os_x opensuse windows +9 more products- Actively Exploited
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3042
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3041
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025