CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
7701 CVE-2016-0018 426 Exec Code +Priv 2016-01-13 2019-05-15
6.9
None Local Medium Not required Complete Complete Complete
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
7702 CVE-2016-0007 264 +Priv 2016-01-13 2019-05-17
6.9
None Local Medium Not required Complete Complete Complete
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0006.
7703 CVE-2016-0006 264 +Priv 2016-01-13 2019-05-17
6.9
None Local Medium Not required Complete Complete Complete
The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles reparse points, which allows local users to gain privileges via a crafted application, aka "Windows Mount Point Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0007.
7704 CVE-2015-1000009 284 2016-10-06 2016-10-26
6.4
None Remote Low Not required None Partial Partial
Open proxy in Wordpress plugin google-adsense-and-hotel-booking v1.05
7705 CVE-2015-9477 276 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates.
7706 CVE-2015-9476 276 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The Teardrop theme 1.8.1 for WordPress has insufficient restrictions on option updates.
7707 CVE-2015-9465 89 Sql 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.
7708 CVE-2015-9462 89 Sql 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_category_page SQL injection via the cat_id parameter.
7709 CVE-2015-9461 89 Sql 2019-10-10 2019-10-11
6.5
None Remote Low Single system Partial Partial Partial
The awesome-filterable-portfolio plugin before 1.9 for WordPress has afp_get_new_portfolio_item_page SQL injection via the item_id parameter.
7710 CVE-2015-9460 89 Sql 2019-10-10 2019-10-15
6.5
None Remote Low Single system Partial Partial Partial
The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter.
7711 CVE-2015-9458 89 Sql CSRF 2019-10-10 2019-10-11
6.5
None Remote Low Single system Partial Partial Partial
The searchterms-tagging-2 plugin through 1.535 for WordPress has SQL injection via the pk_stt2_db_get_popular_terms count parameter exploitable via CSRF.
7712 CVE-2015-9454 89 Sql 2019-10-07 2019-10-10
6.5
None Remote Low Single system Partial Partial Partial
The smooth-slider plugin before 2.7 for WordPress has SQL Injection via the wp-admin/admin.php?page=smooth-slider-admin current_slider_id parameter.
7713 CVE-2015-9449 89 Sql 2019-09-25 2019-09-26
6.5
None Remote Low Single system Partial Partial Partial
The microblog-poster plugin before 1.6.2 for WordPress has SQL Injection via the wp-admin/options-general.php?page=microblogposter.php account_id parameter.
7714 CVE-2015-9448 89 Sql 2019-09-26 2019-09-26
6.5
None Remote Low Single system Partial Partial Partial
The sendpress plugin before 1.2 for WordPress has SQL Injection via the wp-admin/admin.php?page=sp-queue listid parameter.
7715 CVE-2015-9446 89 Sql 2019-09-26 2019-09-26
6.5
None Remote Low Single system Partial Partial Partial
The unite-gallery-lite plugin before 1.5 for WordPress has SQL injection via data[galleryID] to wp-admin/admin-ajax.php.
7716 CVE-2015-9445 352 Sql CSRF 2019-09-26 2019-09-26
6.8
None Remote Medium Not required Partial Partial Partial
The unite-gallery-lite plugin before 1.5 for WordPress has CSRF and SQL injection via wp-admin/admin-ajax.php in a unitegallery_ajax_action operation.
7717 CVE-2015-9402 434 2019-09-20 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
The users-ultra plugin before 1.5.59 for WordPress has uultra-form-cvs-form-conf arbitrary file upload.
7718 CVE-2015-9400 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The wordpress-meta-robots plugin through 2.1 for WordPress has wp-admin/post-new.php text SQL injection.
7719 CVE-2015-9399 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The wp-stats-dashboard plugin through 2.9.4 for WordPress has admin/graph_trend.php type SQL injection.
7720 CVE-2015-9398 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php gcid SQL injection.
7721 CVE-2015-9395 89 Sql 2019-09-20 2019-09-20
6.5
None Remote Low Single system Partial Partial Partial
The users-ultra plugin before 1.5.64 for WordPress has SQL Injection via an ajax action.
7722 CVE-2015-9394 352 CSRF 2019-09-20 2019-09-20
6.8
None Remote Medium Not required Partial Partial Partial
The users-ultra plugin before 1.5.63 for WordPress has CSRF via action=package_add_new to wp-admin/admin-ajax.php.
7723 CVE-2015-9381 125 2019-09-03 2019-09-09
6.8
None Remote Medium Not required Partial Partial Partial
FreeType before 2.6.1 has a heap-based buffer over-read in T1_Get_Private_Dict in type1/t1parse.c.
7724 CVE-2015-9380 352 CSRF 2019-08-30 2019-09-03
6.8
None Remote Medium Not required Partial Partial Partial
The photo-gallery plugin before 1.2.42 for WordPress has CSRF.
7725 CVE-2015-9353 89 Sql 2019-08-28 2019-09-09
6.5
None Remote Low Single system Partial Partial Partial
The gigpress plugin before 2.3.11 for WordPress has SQL injection in the admin area, a different vulnerability than CVE-2015-4066.
7726 CVE-2015-9343 352 CSRF 2019-08-27 2019-08-29
6.8
None Remote Medium Not required Partial Partial Partial
The wp-rollback plugin before 1.2.3 for WordPress has CSRF.
7727 CVE-2015-9322 352 CSRF 2019-08-16 2019-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The erident-custom-login-and-dashboard plugin before 3.5 for WordPress has CSRF.
7728 CVE-2015-9309 352 CSRF 2019-08-14 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature.
7729 CVE-2015-9308 352 CSRF 2019-08-14 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature.
7730 CVE-2015-9307 352 CSRF 2019-08-14 2019-08-19
6.8
None Remote Medium Not required Partial Partial Partial
The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature.
7731 CVE-2015-9292 352 CSRF 2019-08-08 2019-08-15
6.8
None Remote Medium Not required Partial Partial Partial
6kbbs 7.1 and 8.0 allows CSRF via portalchannel_ajax.php (id or code parameter) or admin.php (fileids parameter).
7732 CVE-2015-9284 352 CSRF 2019-04-26 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
The request phase of the OmniAuth Ruby gem is vulnerable to Cross-Site Request Forgery when used as part of the Ruby on Rails framework, allowing accounts to be connected without user intent, user interaction, or feedback to the user. This permits a secondary account to be able to sign into the web application as the primary account.
7733 CVE-2015-9253 400 2018-02-19 2019-04-26
6.8
None Remote Low Single system None None Complete
An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.
7734 CVE-2015-9234 89 Sql 2017-09-29 2017-10-06
6.5
None Remote Low Single system Partial Partial Partial
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has SQL injection via the cp_contactformpp_id parameter to cp_contactformpp.php.
7735 CVE-2015-9233 352 XSS CSRF 2017-09-29 2017-10-06
6.8
None Remote Medium Not required Partial Partial Partial
The cp-contact-form-with-paypal (aka CP Contact Form with PayPal) plugin before 1.1.6 for WordPress has CSRF with resultant XSS, related to cp_contactformpp.php and cp_contactformpp_admin_int_list.inc.php.
7736 CVE-2015-9227 94 Exec Code File Inclusion 2017-09-11 2017-09-18
6.5
None Remote Low Single system Partial Partial Partial
PHP remote file inclusion vulnerability in the get_file function in upload/admin2/controller/report_logs.php in AlegroCart 1.2.8 allows remote administrators to execute arbitrary PHP code via a URL in the file_path parameter to upload/admin2.
7737 CVE-2015-9226 89 Exec Code Sql 2017-09-11 2017-09-18
6.5
None Remote Low Single system Partial Partial Partial
Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remote administrators to execute arbitrary SQL commands via the download parameter in the (1) check_download and possibly (2) check_filename function in upload/admin2/model/products/model_admin_download.php or remote authenticated users with a valid Paypal transaction token to execute arbitrary SQL commands via the ref parameter in the (3) orderUpdate function in upload/catalog/extension/payment/paypal.php.
7738 CVE-2015-9016 362 2018-04-05 2018-05-02
6.9
None Local Medium Not required Complete Complete Complete
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046.
7739 CVE-2015-8994 264 +Priv 2017-03-02 2017-03-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. With 5.x after 5.6.28 or 7.x after 7.0.13, the issue is resolved in a non-default configuration with the opcache.validate_permission=1 setting. The vulnerability details are as follows. In PHP SAPIs where PHP interpreters share a common parent process, Zend OpCache creates a shared memory object owned by the common parent during initialization. Child PHP processes inherit the SHM descriptor, using it to cache and retrieve compiled script bytecode ("opcode" in PHP jargon). Cache keys vary depending on configuration, but filename is a central key component, and compiled opcode can generally be run if a script's filename is known or can be guessed. Many common shared-hosting configurations change EUID in child processes to enforce privilege separation among hosted users (for example using mod_ruid2 for the Apache HTTP Server, or php-fpm user settings). In these scenarios, the default Zend OpCache behavior defeats script file permissions by sharing a single SHM cache among all child PHP processes. PHP scripts often contain sensitive information: Think of CMS configurations where reading or running another user's script usually means gaining privileges to the CMS database.
7740 CVE-2015-8993 264 2017-03-14 2017-03-28
6.9
None Local Medium Not required Complete Complete Complete
Malicious file execution vulnerability in Intel Security CloudAV (Beta) before 0.5.0.151.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
7741 CVE-2015-8992 264 2017-03-14 2017-03-23
6.9
None Local Medium Not required Complete Complete Complete
Malicious file execution vulnerability in Intel Security WebAdvisor before 4.0.2, 4.0.1 and 3.7.2 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
7742 CVE-2015-8991 264 2017-03-14 2017-03-28
6.9
None Local Medium Not required Complete Complete Complete
Malicious file execution vulnerability in Intel Security McAfee Security Scan+ (MSS+) before 3.11.266.3 allows attackers to make the product momentarily vulnerable via executing preexisting specifically crafted malware during installation or uninstallation, but not during normal operation.
7743 CVE-2015-8988 77 Exec Code 2017-03-14 2017-03-23
6.5
None Remote Low Single system Partial Partial Partial
Unquoted executable path vulnerability in Client Management and Gateway components in McAfee (now Intel Security) ePO Deep Command (eDC) 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path.
7744 CVE-2015-8983 190 DoS Exec Code Overflow 2017-03-20 2017-03-22
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow.
7745 CVE-2015-8982 190 DoS Exec Code Overflow 2017-03-15 2017-03-17
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the strxfrm function in the GNU C Library (aka glibc or libc6) before 2.21 allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
7746 CVE-2015-8960 310 2016-09-20 2018-06-27
6.8
None Remote Medium Not required Partial Partial Partial
The TLS protocol 1.2 and earlier supports the rsa_fixed_dh, dss_fixed_dh, rsa_fixed_ecdh, and ecdsa_fixed_ecdh values for ClientCertificateType but does not directly document the ability to compute the master secret in certain situations with a client secret key and server public key but not a server secret key, which makes it easier for man-in-the-middle attackers to spoof TLS servers by leveraging knowledge of the secret key for an arbitrary installed client X.509 certificate, aka the "Key Compromise Impersonation (KCI)" issue.
7747 CVE-2015-8955 264 DoS +Priv 2016-10-10 2016-11-28
6.9
None Local Medium Not required Complete Complete Complete
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.
7748 CVE-2015-8943 264 +Priv 2016-08-06 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28815158 and Qualcomm internal bugs CR794217 and CR836226.
7749 CVE-2015-8937 19 +Priv 2016-08-06 2016-11-28
6.8
None Remote Medium Not required Partial Partial Partial
drivers/char/diag/diagchar_core.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 6, and 7 (2013) devices mishandles a socket process, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28803962 and Qualcomm internal bug CR770548.
7750 CVE-2015-8931 190 Overflow 2016-09-20 2018-01-04
6.8
None Remote Medium Not required Partial Partial Partial
Multiple integer overflows in the (1) get_time_t_max and (2) get_time_t_min functions in archive_read_support_format_mtree.c in libarchive before 3.2.0 allow remote attackers to have unspecified impact via a crafted mtree file, which triggers undefined behavior.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.