Total
5442 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-7875 | 1 Chaos Tool Suite Project | 1 Ctools | 2024-08-06 | N/A |
| ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content and functionality on a page. | ||||
| CVE-2015-7862 | 1 Accelerite | 1 Radia Client Automation | 2024-08-06 | N/A |
| Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 improperly implements the Role Based Access Control feature, which might allow remote attackers to modify an account's role assignments via unspecified vectors. | ||||
| CVE-2015-7818 | 2 Ibm, Lenovo | 2 System Networking Switch Center, Switch Center | 2024-08-06 | N/A |
| The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file. | ||||
| CVE-2015-7751 | 1 Juniper | 1 Junos | 2024-08-06 | N/A |
| Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D105, 14.1X51 before 14.1X51-D70, 14.1X53 before 14.1X53-D25, 14.1X55 before 14.1X55-D20, 14.2 before 14.2R1, 15.1 before 15.1F2 or 15.1R1, and 15.1X49 before 15.1X49-D10 does not require a password for the root user when pam.conf is "corrupted," which allows local users to gain root privileges by modifying the file. | ||||
| CVE-2015-7792 | 1 Corega | 1 Cg-wlbargs Firmware | 2024-08-06 | N/A |
| Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors. | ||||
| CVE-2015-7840 | 1 Solarwinds | 1 Log And Event Manager | 2024-08-06 | N/A |
| The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature. | ||||
| CVE-2015-7835 | 1 Xen | 1 Xen | 2024-08-06 | N/A |
| The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping. | ||||
| CVE-2015-7809 | 1 Symfony | 1 Twig | 2024-08-06 | N/A |
| The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the _self variable in a template. | ||||
| CVE-2015-7788 | 1 Asus | 2 Wl-330nul, Wl-330nul Firmware | 2024-08-06 | N/A |
| ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2015-7707 | 1 Igniterealtime | 1 Openfire | 2024-08-06 | N/A |
| Ignite Realtime Openfire 3.10.2 allows remote authenticated users to gain administrator access via the isadmin parameter to user-edit-form.jsp. | ||||
| CVE-2015-7717 | 1 Google | 1 Android | 2024-08-06 | N/A |
| mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to gain privileges via a crafted application, aka internal bug 19573085, a different vulnerability than CVE-2015-6596. | ||||
| CVE-2015-7662 | 6 Adobe, Apple, Google and 3 more | 10 Air, Air Sdk, Air Sdk \& Compiler and 7 more | 2024-08-06 | N/A |
| Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK & Compiler before 19.0.0.241 allow remote attackers to bypass intended access restrictions and write to files via unspecified vectors. | ||||
| CVE-2015-7685 | 1 Glpi-project | 1 Glpi | 2024-08-06 | N/A |
| GLPI before 0.85.3 allows remote authenticated users to create super-admin accounts by leveraging permissions to create a user and the _profiles_id parameter to front/user.form.php. | ||||
| CVE-2015-7596 | 1 Gemalto | 1 Safenet Authentication Service End User Software Tools For Windows | 2024-08-06 | N/A |
| SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | ||||
| CVE-2015-7597 | 1 Gemalto | 1 Safenet Authentication Service Iis Agent | 2024-08-06 | N/A |
| SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | ||||
| CVE-2015-7561 | 2 Kubernetes, Redhat | 2 Kubernetes, Openshift | 2024-08-06 | N/A |
| Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image. | ||||
| CVE-2015-7600 | 1 Cisco | 1 Vpn Client | 2024-08-06 | N/A |
| Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the ApplicationLauncher section. | ||||
| CVE-2015-7598 | 1 Gemalto | 1 Safenet Authentication Service Tokenvalidator Proxy Agent | 2024-08-06 | N/A |
| SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | ||||
| CVE-2015-7489 | 1 Ibm | 1 Spss Statistics | 2024-08-06 | N/A |
| IBM SPSS Statistics 22.0.0.2 before IF10 and 23.0.0.2 before IF7 uses weak permissions (Everyone: Write) for Python scripts, which allows local users to gain privileges by modifying a script. | ||||
| CVE-2015-7496 | 3 Fedoraproject, Gnome, Redhat | 3 Fedora, Gnome Display Manager, Enterprise Linux | 2024-08-06 | N/A |
| GNOME Display Manager (gdm) before 3.18.2 allows physically proximate attackers to bypass the lock screen by holding the Escape key. | ||||