Security Vulnerabilities, CVEs, Published In May 2015 CVSS score >= 9

CVE-2015-3306

Public exploit
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
Max CVSS
10.0
EPSS Score
97.19%
Published
2015-05-18
Updated
2021-05-26

CVE-2015-3090

Public exploit
Adobe Flash Player before 13.0.0.289 and 14.x through 17.x before 17.0.0.188 on Windows and OS X and before 11.2.202.460 on Linux, Adobe AIR before 17.0.0.172, Adobe AIR SDK before 17.0.0.172, and Adobe AIR SDK & Compiler before 17.0.0.172 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-3078, CVE-2015-3089, and CVE-2015-3093.
Max CVSS
10.0
EPSS Score
97.38%
Published
2015-05-13
Updated
2017-01-03

CVE-2015-2845

Public exploit
The cpanel function in go_site.php in GoAutoDial GoAdmin CE before 3.3-1421902800 allows remote attackers to execute arbitrary commands via the $type portion of the PATH_INFO.
Max CVSS
10.0
EPSS Score
7.92%
Published
2015-05-12
Updated
2018-10-09

CVE-2014-9727

Public exploit
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in the var:lang parameter to cgi-bin/webcm.
Max CVSS
10.0
EPSS Score
95.70%
Published
2015-05-29
Updated
2018-08-13

CVE-2014-8361

Known exploited
Public exploit
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
Max CVSS
10.0
EPSS Score
96.86%
Published
2015-05-01
Updated
2023-09-05
CISA KEV Added
2023-09-18
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close