| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2003-0357 | 7.5 |
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
|
14-02-2024 - 01:17 | 09-06-2003 - 04:00 | |
| CVE-2015-4106 | 4.6 |
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through devices, which might allow local x86 HVM guests to gain privileges, cause a denial of service (host crash), obtain sensitive information, or possibly ha
|
09-09-2020 - 15:15 | 03-06-2015 - 20:59 | |
| CVE-2017-7454 | 4.3 |
The iwgif_record_pixel function in imagew-gif.c in libimageworsener.a in ImageWorsener 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
|
03-10-2019 - 00:03 | 06-04-2017 - 00:59 | |
| CVE-2015-4660 | 4.3 |
Cross-site scripting (XSS) vulnerability in Enhanced SQL Portal 5.0.7961 allows remote attackers to inject arbitrary web script or HTML via the id parameter to iframe.php.
|
15-03-2019 - 15:37 | 18-06-2015 - 18:59 | |
| CVE-2015-4427 | 3.5 |
Multiple cross-site scripting (XSS) vulnerabilities in Test/WorkArea/workarea.aspx in Ektron Content Management System (CMS) before 9.10 SP1 (Build 9.1.0.184.1.114) allow remote authenticated users to inject arbitrary web script or HTML via the (1) p
|
09-10-2018 - 19:57 | 09-06-2015 - 14:59 | |
| CVE-2015-4103 | 4.9 |
Xen 3.3.x through 4.5.x does not properly restrict write access to the host MSI message data field, which allows local x86 HVM guest administrators to cause a denial of service (host interrupt handling confusion) via vectors related to qemu and acces
|
15-11-2017 - 02:29 | 03-06-2015 - 20:59 | |
| CVE-2015-4105 | 4.9 |
Xen 3.3.x through 4.5.x enables logging for PCI MSI-X pass-through error messages, which allows local x86 HVM guests to cause a denial of service (host disk consumption) via certain invalid operations.
|
15-11-2017 - 02:29 | 03-06-2015 - 20:59 | |
| CVE-2015-6554 | 7.5 |
Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data.
|
07-12-2016 - 18:20 | 12-11-2015 - 03:59 | |
| CVE-2015-4162 | 4.0 |
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data. <a href="http://cwe
|
28-11-2016 - 19:27 | 02-06-2015 - 14:59 | |
| CVE-2015-4338 | 6.5 |
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary PHP code into the language files via a Translation LM_FRONT_* field for a language, as demonstrated by language/italia
|
18-06-2015 - 15:24 | 17-06-2015 - 18:59 | |
| CVE-2015-4337 | 3.5 |
Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the excl_manual parameter in the xcloner_show page to wpadmin/plugins.php.
|
18-06-2015 - 15:23 | 17-06-2015 - 18:59 | |
| CVE-2015-4336 | 6.5 |
cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to execute arbitrary commands via a file containing filenames with shell metacharacters, as demonstrated by using the backup comments feature to create t
|
18-06-2015 - 15:22 | 17-06-2015 - 18:59 |