CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
5751 CVE-2015-1986 77 Exec Code 2015-06-30 2016-12-30
10.0
None Remote Low Not required Complete Complete Complete
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1938.
5752 CVE-2015-1961 284 Exec Code Bypass 2015-07-13 2017-09-21
9.0
None Remote Low Single system Complete Complete Complete
The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3, 8.5.0 through 8.5.0.1, 8.5.5 through 8.5.5.0, and 8.5.6 through 8.5.6.0 allows remote authenticated users to bypass intended access restrictions and execute arbitrary JavaScript code on the server via an unspecified API call.
5753 CVE-2015-1949 77 Exec Code 2015-06-30 2016-12-27
10.0
None Remote Low Not required Complete Complete Complete
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands with SYSTEM privileges via unspecified vectors.
5754 CVE-2015-1942 20 2015-06-30 2016-12-27
9.3
None Remote Medium Not required Complete Complete Complete
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to write to arbitrary files, and subsequently execute these files, via a crafted TCP packet to an unspecified port.
5755 CVE-2015-1938 77 Exec Code 2015-06-30 2016-12-27
10.0
None Remote Low Not required Complete Complete Complete
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1986.
5756 CVE-2015-1920 284 Exec Code 2015-05-19 2017-01-03
10.0
None Remote Low Not required Complete Complete Complete
IBM WebSphere Application Server (WAS) 6.1 through 6.1.0.47, 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, and 8.5 before 8.5.5.6 allows remote attackers to execute arbitrary code by sending crafted instructions in a management-port session.
5757 CVE-2015-1903 119 Exec Code Overflow 2015-05-20 2017-01-03
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSN3Y.
5758 CVE-2015-1902 119 Exec Code Overflow 2015-05-20 2017-01-03
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in IBM Domino 8.5 before 8.5.3 FP6 IF7 and 9.0 before 9.0.1 FP3 IF3 allows remote attackers to execute arbitrary code via a crafted BMP image, aka SPR KLYH9TSMLA.
5759 CVE-2015-1896 119 Exec Code Overflow 2015-05-24 2016-12-08
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows remote attackers to execute arbitrary code via unspecified vectors.
5760 CVE-2015-1885 264 +Priv 2015-04-27 2016-12-21
9.3
None Remote Medium Not required Complete Complete Complete
WebSphereOauth20SP.ear in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.39, 8.0 before 8.0.0.11, 8.5 Liberty Profile before 8.5.5.5, and 8.5 Full Profile before 8.5.5.6, when the OAuth grant type requires sending a password, allows remote attackers to gain privileges via unspecified vectors.
5761 CVE-2015-1845 119 Exec Code Overflow 2015-05-19 2016-08-02
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the EntrReadArch function in unzoo might allow remote attackers to execute arbitrary code via unspecified vectors.
5762 CVE-2015-1842 255 Exec Code 2015-04-10 2016-07-25
10.0
None Remote Low Not required Complete Complete Complete
The puppet manifests in the Red Hat openstack-puppet-modules package before 2014.2.13-2 uses a default password of CHANGEME for the pcsd daemon, which allows remote attackers to execute arbitrary shell commands via unspecified vectors.
5763 CVE-2015-1815 77 Exec Code 2015-03-30 2016-12-30
10.0
None Remote Low Not required Complete Complete Complete
The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows remote attackers to execute arbitrary commands via shell metacharacters in a file name.
5764 CVE-2015-1801 119 DoS Overflow +Priv Mem. Corr. 2017-08-24 2017-08-29
10.0
None Remote Low Not required Complete Complete Complete
The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to cause a denial of service (memory corruption) or gain privileges.
5765 CVE-2015-1770 19 Exec Code 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."
5766 CVE-2015-1767 119 DoS Exec Code Overflow Mem. Corr. 2015-07-14 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2401 and CVE-2015-2408.
5767 CVE-2015-1766 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1740, CVE-2015-1744, and CVE-2015-1745.
5768 CVE-2015-1760 19 Exec Code Mem. Corr. 2015-06-09 2018-10-30
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 SP1, and Office 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
5769 CVE-2015-1759 19 Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
5770 CVE-2015-1756 416 Exec Code 2015-06-09 2019-05-15
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted web site that is accessed with the F12 Developer Tools feature of Internet Explorer, aka "Microsoft Common Control Use After Free Vulnerability."
5771 CVE-2015-1755 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1731, CVE-2015-1736, and CVE-2015-1737.
5772 CVE-2015-1754 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
5773 CVE-2015-1753 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1747, and CVE-2015-1750.
5774 CVE-2015-1752 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1741.
5775 CVE-2015-1751 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
5776 CVE-2015-1750 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1747, and CVE-2015-1753.
5777 CVE-2015-1747 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742, CVE-2015-1750, and CVE-2015-1753.
5778 CVE-2015-1745 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1740, CVE-2015-1744, and CVE-2015-1766.
5779 CVE-2015-1744 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1740, CVE-2015-1745, and CVE-2015-1766.
5780 CVE-2015-1742 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1747, CVE-2015-1750, and CVE-2015-1753.
5781 CVE-2015-1741 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1752.
5782 CVE-2015-1740 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766.
5783 CVE-2015-1738 119 DoS Exec Code Overflow Mem. Corr. 2015-07-14 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2388.
5784 CVE-2015-1737 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1731, CVE-2015-1736, and CVE-2015-1755.
5785 CVE-2015-1736 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1731, CVE-2015-1737, and CVE-2015-1755.
5786 CVE-2015-1735 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1740, CVE-2015-1744, CVE-2015-1745, and CVE-2015-1766.
5787 CVE-2015-1733 119 DoS Exec Code Overflow Mem. Corr. 2015-07-14 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2389 and CVE-2015-2411.
5788 CVE-2015-1732 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1742, CVE-2015-1747, CVE-2015-1750, and CVE-2015-1753.
5789 CVE-2015-1731 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1736, CVE-2015-1737, and CVE-2015-1755.
5790 CVE-2015-1730 399 DoS Exec Code Mem. Corr. 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
5791 CVE-2015-1728 17 Exec Code 2015-06-09 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Windows Media Player 10 through 12 allows remote attackers to execute arbitrary code via a crafted DataObject on a web site, aka "Windows Media Player RCE via DataObject Vulnerability."
5792 CVE-2015-1718 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1711, and CVE-2015-1717.
5793 CVE-2015-1717 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1711, and CVE-2015-1718.
5794 CVE-2015-1715 264 Bypass 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Silverlight 5 before 5.1.40416.00 allows remote attackers to bypass intended integrity-level restrictions via a crafted Silverlight application, aka "Microsoft Silverlight Out of Browser Application Vulnerability."
5795 CVE-2015-1714 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
5796 CVE-2015-1712 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1691.
5797 CVE-2015-1711 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1658, CVE-2015-1706, CVE-2015-1717, and CVE-2015-1718.
5798 CVE-2015-1710 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1694.
5799 CVE-2015-1709 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
5800 CVE-2015-1708 119 DoS Exec Code Overflow Mem. Corr. 2015-05-13 2018-10-12
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.