Total
5449 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2015-6639 | 1 Google | 1 Android | 2024-11-21 | N/A |
The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875. | ||||
CVE-2015-6638 | 1 Google | 1 Android | 2024-11-21 | N/A |
The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908. | ||||
CVE-2015-6637 | 1 Google | 1 Android | 2024-11-21 | N/A |
The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013. | ||||
CVE-2015-6623 | 1 Google | 1 Android | 2024-11-21 | N/A |
Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24872703. | ||||
CVE-2015-6621 | 1 Google | 1 Android | 2024-11-21 | N/A |
SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23909438. | ||||
CVE-2015-6620 | 1 Google | 1 Android | 2024-11-21 | N/A |
libstagefright in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bugs 24123723 and 24445127. | ||||
CVE-2015-6619 | 1 Google | 1 Android | 2024-11-21 | N/A |
The kernel in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, aka internal bug 23520714. | ||||
CVE-2015-6614 | 1 Google | 1 Android | 2024-11-21 | N/A |
Telephony in Android 5.x before 5.1.1 LMY48X allows attackers to gain privileges, and consequently bypass intended network-interface restrictions, perform expensive data transfers, or cause a denial of service (call-reception outage or mute manipulation), via a crafted application, aka internal bug 21900139. | ||||
CVE-2015-6612 | 1 Google | 1 Android | 2024-11-21 | N/A |
libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges via a crafted application, aka internal bug 23540426. | ||||
CVE-2015-6607 | 2 Google, Sqlite | 2 Android, Sqlite | 2024-11-21 | N/A |
SQLite before 3.8.9, as used in Android before 5.1.1 LMY48T, allows attackers to gain privileges via a crafted application, aka internal bug 20099586. | ||||
CVE-2015-6606 | 1 Google | 1 Android | 2024-11-21 | N/A |
The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 22301786. | ||||
CVE-2015-6596 | 1 Google | 1 Android | 2024-11-21 | N/A |
mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bugs 20731946 and 20719651, a different vulnerability than CVE-2015-7717. | ||||
CVE-2015-6565 | 1 Openbsd | 1 Openssh | 2024-11-21 | N/A |
sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence. | ||||
CVE-2015-6564 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-11-21 | N/A |
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request. | ||||
CVE-2015-6520 | 1 Ippusbxd Project | 1 Ippusbxd | 2024-11-21 | N/A |
IPPUSBXD before 1.22 listens on all interfaces, which allows remote attackers to obtain access to USB connected printers via a direct request. | ||||
CVE-2015-6423 | 1 Cisco | 1 Adaptive Security Appliance Software | 2024-11-21 | N/A |
The DCERPC Inspection implementation in Cisco Adaptive Security Appliance (ASA) Software 9.4.1 through 9.5.1 allows remote authenticated users to bypass an intended DCERPC-only ACL by sending arbitrary network traffic, aka Bug ID CSCuu67782. | ||||
CVE-2015-6417 | 1 Cisco | 1 Videoscape Distribution Suite Service Manager | 2024-11-21 | N/A |
Cisco Videoscape Distribution Suite Service Manager (VDS-SM) 3.4.0 and earlier does not always use RBAC for backend database access, which allows remote authenticated users to read or write to database entries via (1) the GUI or (2) a crafted HTTP request, aka Bug ID CSCuv87025. | ||||
CVE-2015-6413 | 1 Cisco | 1 Telepresence Video Communication Server Software | 2024-11-21 | N/A |
Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated users to bypass intended read-only restrictions and upload Tandberg Linux Package (TLP) files by visiting an administrative page, aka Bug ID CSCuw55651. | ||||
CVE-2015-6395 | 1 Cisco | 1 Prime Service Catalog | 2024-11-21 | N/A |
Cisco Prime Service Catalog 10.0, 10.0(R2), 10.1, and 11.0 does not properly restrict access to web pages, which allows remote attackers to modify the configuration via a direct request, aka Bug ID CSCuw48188. | ||||
CVE-2015-6384 | 1 Cisco | 1 Webex Meetings | 2024-11-21 | N/A |
The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom application permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka Bug ID CSCuw86442. |