Total
5442 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-6619 | 1 Google | 1 Android | 2024-08-06 | N/A |
The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, aka internal bug 23520714. | ||||
CVE-2015-6621 | 1 Google | 1 Android | 2024-08-06 | N/A |
SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23909438. | ||||
CVE-2015-6614 | 1 Google | 1 Android | 2024-08-06 | N/A |
Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain privileges, and consequently bypass intended network-interface restrictions, perform expensive data transfers, or cause a denial of service (call-reception outage or mute manipulation), via a crafted application, aka internal bug 21900139. | ||||
CVE-2015-6607 | 2 Google, Sqlite | 2 Android, Sqlite | 2024-08-06 | N/A |
SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586. | ||||
CVE-2015-6612 | 1 Google | 1 Android | 2024-08-06 | N/A |
libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges via a crafted application, aka internal bug 23540426. | ||||
CVE-2015-6596 | 1 Google | 1 Android | 2024-08-06 | N/A |
mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bugs 20731946 and 20719651, a different vulnerability than CVE-2015-7717. | ||||
CVE-2015-6623 | 1 Google | 1 Android | 2024-08-06 | N/A |
Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24872703. | ||||
CVE-2015-6565 | 1 Openbsd | 1 Openssh | 2024-08-06 | N/A |
sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence. | ||||
CVE-2015-6520 | 1 Ippusbxd Project | 1 Ippusbxd | 2024-08-06 | N/A |
IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request. | ||||
CVE-2015-6564 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-08-06 | N/A |
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request. | ||||
CVE-2015-6413 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2024-08-06 | N/A |
Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651. | ||||
CVE-2015-6417 | 1 Cisco | 1 Videoscape Distribution Suite Service Manager | 2024-08-06 | N/A |
Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025. | ||||
CVE-2015-6423 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-08-06 | N/A |
The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782. | ||||
CVE-2015-6348 | 1 Cisco | 1 Secure Access Control Server | 2024-08-06 | N/A |
The report-generation web interface in the Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and read report or status information, by visiting an unspecified web page. | ||||
CVE-2015-6395 | 1 Cisco | 1 Prime Service Catalog | 2024-08-06 | N/A |
Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188. | ||||
CVE-2015-6384 | 1 Cisco | 1 Webex Meetings | 2024-08-06 | N/A |
The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom application permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka Bug ID CSCuw86442. | ||||
CVE-2015-6347 | 1 Cisco | 1 Secure Access Control Server | 2024-08-06 | N/A |
The Solution Engine in Cisco Secure Access Control Server (ACS) 5.7(0.15) allows remote authenticated users to bypass intended RBAC restrictions, and create a dashboard or portlet, by visiting an unspecified web page. | ||||
CVE-2015-6362 | 1 Cisco | 1 Connected Grid Network Management System | 2024-08-06 | N/A |
The web GUI in Cisco Connected Grid Network Management System (CG-NMS) 3.0(0.35) and 3.0(0.54) allows remote authenticated users to bypass intended access restrictions and modify the configuration by leveraging the Monitor-Only role, aka Bug ID CSCuw42640. | ||||
CVE-2015-6383 | 1 Cisco | 1 Ios Xe | 2024-08-06 | N/A |
Cisco IOS XE 15.4(3)S on ASR 1000 devices improperly loads software packages, which allows local users to bypass license restrictions and obtain certain root privileges by using the CLI to enter crafted filenames, aka Bug ID CSCuv93130. | ||||
CVE-2015-6333 | 1 Cisco | 1 Application Policy Infrastructure Controller | 2024-08-06 | N/A |
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076. |