Total
9398 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-8873 | 1 Oracle | 1 Openjdk | 2015-11-10 | 10.0 HIGH | N/A |
| A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /etc/mailcap by mime-support, which allows remote attackers to execute arbitrary code via a JAR file. | |||||
| CVE-2015-5044 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2015-11-09 | 3.3 LOW | N/A |
| The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x before 7.2.5 Patch 4 IF3 allows remote attackers to cause a denial of service via unspecified packets. | |||||
| CVE-2014-3825 | 1 Juniper | 13 Junos, Srx100, Srx110 and 10 more | 2015-11-05 | 6.8 MEDIUM | N/A |
| The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1X44 before 12.1X44-D40, 12.1X45 before 12.1X45-D30, 12.1X46 before 12.1X46-D25, and 12.1X47 before 12.1X47-D10, when an Application Layer Gateway (ALG) is enabled, allows remote attackers to cause a denial of service (flowd crash) via a crafted packet. | |||||
| CVE-2014-8013 | 1 Cisco | 1 Nx-os | 2015-11-04 | 4.9 MEDIUM | N/A |
| The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a denial of service (device reload) via a long CLI command, aka Bug ID CSCur54182. | |||||
| CVE-2015-0657 | 1 Cisco | 1 Ios Xr | 2015-11-02 | 5.0 MEDIUM | N/A |
| Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192. | |||||
| CVE-2015-0661 | 1 Cisco | 1 Ios Xr | 2015-11-02 | 4.0 MEDIUM | N/A |
| The SNMPv2 implementation in Cisco IOS XR allows remote authenticated users to cause a denial of service (snmpd daemon reload) via a malformed SNMP packet, aka Bug ID CSCur25858. | |||||
| CVE-2015-5014 | 1 Ibm | 1 Cognos Disclosure Management | 2015-10-27 | 9.3 HIGH | N/A |
| IBM Cognos Disclosure Management (CDM) 10.1.x and 10.2.x before 10.2.4 IF10 allows man-in-the-middle attackers to obtain access by spoofing an executable file during a client upload operation. | |||||
| CVE-2015-6987 | 1 Apple | 1 Mac Os X | 2015-10-27 | 2.1 LOW | N/A |
| The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of service (application crash) via crafted bookmark metadata in a folder. | |||||
| CVE-2015-5945 | 1 Apple | 1 Mac Os X | 2015-10-27 | 7.2 HIGH | N/A |
| The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via vectors involving NVRAM parameters. | |||||
| CVE-2015-0658 | 1 Cisco | 35 Nexus 3016, Nexus 3048, Nexus 3064 and 32 more | 2015-10-22 | 7.9 HIGH | N/A |
| The DHCP implementation in the PowerOn Auto Provisioning (POAP) feature in Cisco NX-OS does not properly restrict the initialization process, which allows remote attackers to execute arbitrary commands as root by sending crafted response packets on the local network, aka Bug ID CSCur14589. | |||||
| CVE-2015-7838 | 1 Solarwinds | 1 Storage Manager | 2015-10-16 | 10.0 HIGH | N/A |
| ProcessFileUpload.jsp in SolarWinds Storage Manager before 6.2 allows remote attackers to upload and execute arbitrary files via unspecified vectors. | |||||
| CVE-2015-1337 | 2 Canonical, Simpestreams Project | 2 Ubuntu Linux, Simplestreams | 2015-10-09 | 6.8 MEDIUM | N/A |
| Simple Streams (simplestreams) does not properly verify the GPG signatures of disk image files, which allows remote mirror servers to spoof disk images and have unspecified other impact via a 403 (aka Forbidden) response. | |||||
| CVE-2015-6598 | 1 Google | 1 Android | 2015-10-07 | 10.0 HIGH | N/A |
| libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23306638. | |||||
| CVE-2015-4992 | 1 Ibm | 1 Sterling B2b Integrator | 2015-10-07 | 3.5 LOW | N/A |
| IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors. | |||||
| CVE-2011-1166 | 1 Xen | 1 Xen | 2015-10-06 | 5.5 MEDIUM | N/A |
| Xen, possibly before 4.0.2, allows local 64-bit PV guests to cause a denial of service (host crash) by specifying user mode execution without user-mode pagetables. | |||||
| CVE-2014-9038 | 1 Wordpress | 1 Wordpress | 2015-10-05 | 6.4 MEDIUM | N/A |
| wp-includes/http.php in WordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remote attackers to conduct server-side request forgery (SSRF) attacks by referring to a 127.0.0.0/8 resource. | |||||
| CVE-2015-0678 | 1 Cisco | 2 Asa Cx Context-aware Security Software, Asa With Firepower Services | 2015-10-01 | 7.8 HIGH | N/A |
| The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954. | |||||
| CVE-2015-0669 | 1 Cisco | 1 Ios | 2015-10-01 | 6.4 MEDIUM | N/A |
| The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 15.4S and 15.4(3)S allows remote attackers to modify configuration settings or cause a denial of service (partial service outage) by sending crafted Autonomic Networking (AN) messages on an intranet network, aka Bug ID CSCup62167. | |||||
| CVE-2015-0637 | 1 Cisco | 2 Ios, Ios Xe | 2015-10-01 | 7.8 HIGH | N/A |
| The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (device reload) via spoofed AN messages, aka Bug ID CSCup62315. | |||||
| CVE-2015-0636 | 1 Cisco | 2 Ios, Ios Xe | 2015-10-01 | 7.8 HIGH | N/A |
| The Autonomic Networking Infrastructure (ANI) implementation in Cisco IOS 12.2, 12.4, 15.0, 15.2, 15.3, and 15.4 and IOS XE 3.10.xS through 3.13.xS before 3.13.1S allows remote attackers to cause a denial of service (disrupted domain access) via spoofed AN messages that reset a finite state machine, aka Bug ID CSCup62293. | |||||