CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
5451 CVE-2015-4001 189 DoS Exec Code 2015-06-07 2016-12-27
9.0
None Remote Low Not required Partial Partial Complete
Integer signedness error in the oz_hcd_get_desc_cnf function in drivers/staging/ozwpan/ozhcd.c in the OZWPAN driver in the Linux kernel through 4.0.5 allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted packet.
5452 CVE-2015-3990 19 Exec Code 2015-05-20 2018-03-13
9.0
None Remote Low Single system Complete Complete Complete
The GMS ViewPoint (GMSVP) web application in Dell Sonicwall GMS, Analyzer, and UMA EM5000 before 7.2 SP4 allows remote authenticated users to execute arbitrary commands via vectors related to configuration.
5453 CVE-2015-3974 255 2015-09-27 2015-09-29
9.0
None Remote Low Single system Complete Complete Complete
EasyIO EasyIO-30P-SF controllers with firmware before 0.5.21 and 2.x before 2.0.5.21, as used in Accutrol, Bar-Tech Automation, Infocon/EasyIO, Honeywell Automation India, Johnson Controls, SyxthSENSE, Transformative Wave Technologies, Tridium Asia Pacific, and Tridium Europe products, have a hardcoded password, which makes it easier for remote attackers to obtain access via unspecified vectors.
5454 CVE-2015-3972 254 2015-10-28 2015-10-28
10.0
None Remote Low Not required Complete Complete Complete
The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices supports only short PIN values for authentication, which makes it easier for remote attackers to obtain access via a brute-force attack.
5455 CVE-2015-3964 2015-09-11 2016-12-21
10.0
None Remote Low Not required Complete Complete Complete
SMA Solar Sunny WebBox has hardcoded passwords, which makes it easier for remote attackers to obtain access via unspecified vectors.
5456 CVE-2015-3956 345 2019-03-25 2019-04-04
10.0
None Remote Low Not required Complete Complete Complete
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior accept drug libraries, firmware updates, pump commands, and unauthorized configuration changes from unauthenticated devices on the host network. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue.
5457 CVE-2015-3955 119 Exec Code Overflow 2015-07-06 2016-12-05
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Hospira LifeCare PCA Infusion System 5.0 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via unspecified vectors.
5458 CVE-2015-3954 285 2019-03-25 2019-04-04
10.0
None Remote Low Not required Complete Complete Complete
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior give unauthenticated users root privileges on Port 23/TELNET by default. An unauthorized user could issue commands to the pump. Hospira recommends that customers close Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue.
5459 CVE-2015-3953 798 2019-03-25 2019-04-04
10.0
None Remote Low Not required Complete Complete Complete
Hard-coded accounts may be used to access Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and prior, and Symbiq Infusion System, version 3.13 and prior. Hospira recommends that customers close Port 20/FTP and Port 23/TELNET on the affected devices. Hospira has also released the Plum 360 Infusion System which is not vulnerable to this issue.
5460 CVE-2015-3911 284 DoS Bypass 2015-05-21 2015-05-22
9.0
None Remote Low Not required Partial Partial Complete
Huawei E587 Mobile WiFi with firmware before 11.203.30.00.00 allows remote attackers to bypass authentication, change configurations, send messages, and cause a denial of service (device restart) via unspecified vectors.
5461 CVE-2015-3879 264 +Priv 2015-10-06 2015-10-07
9.3
None Remote Medium Not required Complete Complete Complete
Media Player Framework in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bug 23223325.
5462 CVE-2015-3877 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
Skia, as used in Android before 5.1.1 LMY48T, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 20723696.
5463 CVE-2015-3876 20 Exec Code 2015-10-01 2016-12-08
9.3
None Remote Medium Not required Complete Complete Complete
libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file.
5464 CVE-2015-3875 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libutils in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, aka internal bug 22952485.
5465 CVE-2015-3874 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23335715, 23307276, and 23286323.
5466 CVE-2015-3873 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 23016072, 23248776, 23247055, 22845824, 22008959, 21814993, 21048776, 20718524, 20674674, 22388975, 20674086, 21443020, and 22077698, a different vulnerability than CVE-2015-7716.
5467 CVE-2015-3872 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23346388.
5468 CVE-2015-3871 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23031033.
5469 CVE-2015-3870 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 22771132.
5470 CVE-2015-3869 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23036083.
5471 CVE-2015-3868 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2016-12-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23270724.
5472 CVE-2015-3867 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23213430.
5473 CVE-2015-3865 264 +Priv 2015-10-06 2015-10-07
9.3
None Remote Medium Not required Complete Complete Complete
The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23050463.
5474 CVE-2015-3864 189 Exec Code 2015-09-30 2017-09-15
10.0
None Remote Low Not required Complete Complete Complete
Integer underflow in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4 data, aka internal bug 23034759. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-3824.
5475 CVE-2015-3863 189 Exec Code Overflow 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and read arbitrary Keystore keys via an application that uses a crafted blob in an insert operation, aka internal bug 22802399.
5476 CVE-2015-3858 264 Bypass 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
The checkDestination function in internal/telephony/SMSDispatcher.java in Android before 5.1.1 LMY48M relies on an obsolete permission name for an authorization check, which allows attackers to bypass an intended user-confirmation requirement for SMS short-code messaging via a crafted application, aka internal bug 22314646.
5477 CVE-2015-3849 264 Exec Code 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before 5.1.1 LMY48M does not check the return values of certain read operations, which allows attackers to execute arbitrary code via an application that sends a crafted message to a service, aka internal bug 21585255.
5478 CVE-2015-3843 264 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
The SIM Toolkit (STK) framework in Android before 5.1.1 LMY48I allows attackers to (1) intercept or (2) emulate unspecified Telephony STK SIM commands via an application that sends a crafted Intent, related to com/android/internal/telephony/cat/AppInterface.java, aka internal bug 21697171.
5479 CVE-2015-3842 119 Exec Code Overflow 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516.
5480 CVE-2015-3837 20 Exec Code 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I improperly includes certain context data during serialization and deserialization, which allows attackers to execute arbitrary code via an application that sends a crafted Intent, aka internal bug 21437603.
5481 CVE-2015-3836 189 DoS Exec Code Overflow 2015-09-30 2015-10-01
10.0
None Remote Low Not required Complete Complete Complete
The Parse_wave function in arm-wt-22k/lib_src/eas_mdls.c in the Sonivox DLS-to-EAS converter in Android before 5.1.1 LMY48I does not reject a negative value for a certain size field, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted XMF data, aka internal bug 21132860.
5482 CVE-2015-3835 119 Exec Code Overflow 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the OMXNodeInstance::emptyBuffer function in omx/OMXNodeInstance.cpp in libstagefright in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 20634516.
5483 CVE-2015-3834 189 Exec Code Overflow 2015-09-30 2015-10-01
10.0
None Remote Low Not required Complete Complete Complete
Multiple integer overflows in the BnHDCP::onTransact function in media/libmedia/IHDCP.cpp in libstagefright in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application that uses HDCP encryption, leading to a heap-based buffer overflow, aka internal bug 20222489.
5484 CVE-2015-3832 119 Exec Code Overflow 2015-09-30 2015-10-01
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allow remote attackers to execute arbitrary code via invalid size values of NAL units in MP4 data, aka internal bug 19641538.
5485 CVE-2015-3831 119 Exec Code Overflow 2015-09-30 2015-10-01
9.3
None Remote Medium Not required Complete Complete Complete
Buffer overflow in the readAt function in BpMediaHTTPConnection in media/libmedia/IMediaHTTPConnection.cpp in the mediaserver service in Android before 5.1.1 LMY48I allows attackers to execute arbitrary code via a crafted application, aka internal bug 19400722.
5486 CVE-2015-3829 189 DoS Exec Code Overflow Mem. Corr. 2015-09-30 2017-09-20
10.0
None Remote Low Not required Complete Complete Complete
Off-by-one error in the MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via crafted MPEG-4 covr atoms with a size equal to SIZE_MAX, aka internal bug 20923261.
5487 CVE-2015-3828 119 DoS Exec Code Overflow Mem. Corr. 2015-09-30 2017-09-20
10.0
None Remote Low Not required Complete Complete Complete
The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted 3GPP metadata, aka internal bug 20923261, a related issue to CVE-2015-3826.
5488 CVE-2015-3827 119 DoS Exec Code Overflow Mem. Corr. 2015-09-30 2017-09-20
9.3
None Remote Medium Not required Complete Complete Complete
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261.
5489 CVE-2015-3824 119 DoS Exec Code Overflow Mem. Corr. 2015-09-30 2017-09-20
10.0
None Remote Low Not required Complete Complete Complete
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not properly restrict size addition, which allows remote attackers to execute arbitrary code or cause a denial of service (integer overflow and memory corruption) via a crafted MPEG-4 tx3g atom, aka internal bug 20923261.
5490 CVE-2015-3823 119 DoS Exec Code Overflow Mem. Corr. 2015-10-06 2015-10-07
10.0
None Remote Low Not required Complete Complete Complete
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 21335999.
5491 CVE-2015-3799 255 2015-08-16 2017-09-20
9.3
None Remote Medium Not required Complete Complete Complete
The Apple ID OD plug-in in Apple OS X before 10.10.5 allows attackers to change arbitrary user passwords via a crafted app.
5492 CVE-2015-3795 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
9.3
None Remote Medium Not required Complete Complete Complete
libxpc in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app that sends a malformed XPC message.
5493 CVE-2015-3776 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2016-12-23
9.3
None Remote Medium Not required Complete Complete Complete
IOKit in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption and application crash) via a malformed plist.
5494 CVE-2015-3770 119 DoS Exec Code Overflow Mem. Corr. 2015-08-16 2017-09-20
9.3
None Remote Medium Not required Complete Complete Complete
IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.
5495 CVE-2015-3768 189 Exec Code Overflow 2015-08-16 2016-12-23
9.3
None Remote Medium Not required Complete Complete Complete
Integer overflow in the kernel in Apple iOS before 8.4.1 and OS X before 10.10.5 allows attackers to execute arbitrary code in a privileged context via a crafted app that makes unspecified IOKit API calls.
5496 CVE-2015-3712 119 DoS Exec Code Overflow 2015-07-02 2017-09-21
9.3
Admin Remote Medium Not required Complete Complete Complete
The NVIDIA graphics driver in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (out-of-bounds write) via a crafted app.
5497 CVE-2015-3707 DoS Exec Code 2015-07-02 2017-09-21
9.3
Admin Remote Medium Not required Complete Complete Complete
The FireWire driver in IOFireWireFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via a crafted app.
5498 CVE-2015-3706 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
9.3
None Remote Medium Not required Complete Complete Complete
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3705.
5499 CVE-2015-3705 119 DoS Exec Code Overflow Mem. Corr. 2015-07-02 2017-09-21
9.3
None Remote Medium Not required Complete Complete Complete
IOAcceleratorFamily in Apple OS X before 10.10.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-3706.
5500 CVE-2015-3704 264 Exec Code 2015-07-02 2017-09-21
9.3
Admin Remote Medium Not required Complete Complete Complete
runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10.4 does not properly drop privileges, which allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.