ReportizFlow
Filtered by vendor
Subscriptions
Total
5109 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-8275 | 1 Eparaksts | 2 Edoc-libraries, Eparakstitajs 3 | 2025-04-20 | N/A |
| LVRTC eParakstitajs 3.0 (1.3.0) and edoc-libraries-2.5.4_01 allow attackers to write to arbitrary files via crafted EDOC files. | ||||
| CVE-2015-8139 | 1 Ntp | 1 Ntp | 2025-04-20 | N/A |
| ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors. | ||||
| CVE-2015-2692 | 1 Adblock | 1 Adblock | 2025-04-20 | N/A |
| AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites and to disable arbitrary blocking filters. | ||||
| CVE-2015-7501 | 1 Redhat | 22 Data Grid, Enterprise Linux, Jboss A-mq and 19 more | 2025-04-20 | N/A |
| Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Platform 6.x, 5.x, and 4.3.x; Fuse 6.x; Fuse Service Works (FSW) 6.x; Operations Network (JBoss ON) 3.x; Portal 6.x; SOA Platform (SOA-P) 5.x; Web Server (JWS) 3.x; Red Hat OpenShift/xPAAS 3.x; and Red Hat Subscription Asset Manager 1.3 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. | ||||
| CVE-2015-5293 | 1 Redhat | 1 Enterprise Virtualization Manager | 2025-04-20 | N/A |
| Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable. | ||||
| CVE-2015-4624 | 1 Hak5 | 2 Wi-fi Pineapple, Wi-fi Pineapple Firmware | 2025-04-20 | N/A |
| Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens. | ||||
| CVE-2015-3302 | 1 Thecartpress | 1 Thecartpress Ecommerce Shopping Cart | 2025-04-20 | N/A |
| The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin for WordPress before 1.3.9.3 allows remote attackers to obtain sensitive order detail information by leveraging a "broken authentication mechanism." | ||||
| CVE-2015-3295 | 1 Markdown-it Project | 1 Markdown-it | 2025-04-20 | N/A |
| markdown-it before 4.1.0 does not block data: URLs. | ||||
| CVE-2017-17450 | 1 Linux | 1 Linux Kernel | 2025-04-20 | N/A |
| net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces. | ||||
| CVE-2015-3163 | 1 Redhat | 1 Beaker | 2025-04-20 | 4.3 Medium |
| The admin pages for power types and key types in Beaker before 20.1 do not have any access controls, which allows remote authenticated users to modify power types and key types via navigating to $BEAKER/powertypes and $BEAKER/keytypes respectively. | ||||
| CVE-2015-1976 | 1 Ibm | 2 Security Directory Server, Tivoli Directory Server | 2025-04-20 | N/A |
| IBM Security Directory Server could allow an authenticated user to execute commands into the web administration tool that would cause the tool to crash. | ||||
| CVE-2014-9827 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 8.8 High |
| coders/xpm.c in ImageMagick allows remote attackers to have unspecified impact via a crafted xpm file. | ||||
| CVE-2015-0104 | 1 Ibm | 11 Change And Configuration Management Database, Maximo Asset Management, Maximo Asset Management Essentials and 8 more | 2025-04-20 | N/A |
| IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and Configuration Management Database 7.1 through 7.1.1.8 and 7.2 and Maximo Asset Management and Maximo Industry Solutions 7.1 through 7.1.1.8, 7.5 before 7.5.0.7 IFIX003, and 7.6 before 7.6.0.0 IFIX002 allow remote authenticated users to execute arbitrary code via unspecified vectors. | ||||
| CVE-2016-8584 | 1 Trendmicro | 1 Threat Discovery Appliance | 2025-04-20 | N/A |
| Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values, which allows remote attackers to bypass authentication by guessing the value. | ||||
| CVE-2014-8168 | 1 Redhat | 1 Satellite | 2025-04-20 | 7.8 High |
| Red Hat Satellite 6 allows local users to access mongod and delete pulp_database. | ||||
| CVE-2014-9961 | 1 Google | 1 Android | 2025-04-20 | N/A |
| In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection exists that can be used to bypass power-on write protection. | ||||
| CVE-2013-7460 | 1 Mcafee | 2 Application Control, Change Control | 2025-04-20 | N/A |
| A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions. | ||||
| CVE-2016-8942 | 1 Ibm | 2 Spectrum Control, Tivoli Storage Productivity Center | 2025-04-20 | N/A |
| IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge of the system to edit a limited set of properties on the server. | ||||
| CVE-2016-9005 | 1 Ibm | 1 System Storage Ts3100-ts3200 Tape Library | 2025-04-20 | N/A |
| IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to the company network, to change a user's password and gain remote access to the system. | ||||
| CVE-2014-9920 | 1 Mcafee | 1 Application Control | 2025-04-20 | N/A |
| Unauthorized execution of binary vulnerability in McAfee (now Intel Security) McAfee Application Control (MAC) 6.0.0 before hotfix 9726, 6.0.1 before hotfix 9068, 6.1.0 before hotfix 692, 6.1.1 before hotfix 399, 6.1.2 before hotfix 426, and 6.1.3 before hotfix 357 and earlier allows attackers to create a malformed Windows binary that is considered non-executable and is not protected through the whitelisting protection feature via a specific set of circumstances. | ||||