# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
36901 |
CVE-2015-1840 |
200 |
|
Bypass +Info CSRF |
2015-07-26 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value. |
36902 |
CVE-2015-1839 |
19 |
|
|
2017-04-13 |
2017-04-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
modules/chef.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. |
36903 |
CVE-2015-1838 |
19 |
|
|
2017-04-13 |
2017-04-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
modules/serverdensity_device.py in SaltStack before 2014.7.4 does not properly handle files in /tmp. |
36904 |
CVE-2015-1835 |
20 |
|
|
2017-10-27 |
2017-11-16 |
2.6 |
None |
Remote |
High |
Not required |
None |
Partial |
None |
Apache Cordova Android before 3.7.2 and 4.x before 4.0.2, when an application does not set explicit values in config.xml, allows remote attackers to modify undefined secondary configuration variables (preferences) via a crafted intent: URL. |
36905 |
CVE-2015-1834 |
22 |
|
Dir. Trav. |
2017-05-25 |
2017-06-07 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
A path traversal vulnerability was identified in the Cloud Foundry component Cloud Controller that affects cf-release versions prior to v208 and Pivotal Cloud Foundry Elastic Runtime versions prior to 1.4.2. Path traversal is the 'outbreak' of a given directory structure through relative file paths in the user input. It aims at accessing files and directories that are stored outside the web root folder, for disallowed reading or even executing arbitrary system commands. An attacker could use a certain parameter of the file path for instance to inject '../' sequences in order to navigate through the file system. In this particular case a remote authenticated attacker can exploit the identified vulnerability in order to upload arbitrary files to the server running a Cloud Controller instance - outside the isolated application container. |
36906 |
CVE-2015-1833 |
20 |
|
|
2015-05-29 |
2018-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
XML external entity (XXE) vulnerability in Apache Jackrabbit before 2.0.6, 2.2.x before 2.2.14, 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.1, and 2.10.x before 2.10.1 allows remote attackers to read arbitrary files and send requests to intranet servers via a crafted WebDAV request. |
36907 |
CVE-2015-1832 |
611 |
|
DoS |
2016-10-03 |
2019-04-23 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype. |
36908 |
CVE-2015-1830 |
22 |
|
Dir. Trav. |
2015-08-19 |
2016-12-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Directory traversal vulnerability in the fileserver upload/download functionality for blob messages in Apache ActiveMQ 5.x before 5.11.2 for Windows allows remote attackers to create JSP files in arbitrary directories via unspecified vectors. |
36909 |
CVE-2015-1829 |
|
|
|
2015-10-21 |
2016-11-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect availability via unknown vectors related to Web Listener. |
36910 |
CVE-2015-1828 |
200 |
|
+Info |
2017-10-06 |
2018-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The Ruby http gem before 0.7.3 does not verify hostnames in SSL connections, which might allow remote attackers to obtain sensitive information via a man-in-the-middle-attack. |
36911 |
CVE-2015-1827 |
19 |
|
DoS |
2015-03-30 |
2016-12-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The get_user_grouplist function in the extdom plug-in in FreeIPA before 4.1.4 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (crash) via a group list request for a user that belongs to a large number of groups. |
36912 |
CVE-2015-1822 |
17 |
|
DoS Exec Code |
2015-04-16 |
2017-06-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
chrony before 1.31.1 does not initialize the last "next" pointer when saving unacknowledged replies to command requests, which allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and daemon crash) or possibly execute arbitrary code via a large number of command requests. |
36913 |
CVE-2015-1821 |
119 |
|
DoS Exec Code Overflow |
2015-04-16 |
2017-06-30 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder. |
36914 |
CVE-2015-1819 |
399 |
|
DoS |
2015-08-14 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. |
36915 |
CVE-2015-1816 |
310 |
|
|
2015-08-14 |
2018-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Forman before 1.7.4 does not verify SSL certificates for LDAP connections, which allows man-in-the-middle attackers to spoof LDAP servers via a crafted certificate. |
36916 |
CVE-2015-1813 |
79 |
|
XSS |
2015-10-16 |
2016-06-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1812. |
36917 |
CVE-2015-1812 |
79 |
|
XSS |
2015-10-16 |
2016-06-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-1813. |
36918 |
CVE-2015-1810 |
264 |
|
+Priv |
2015-10-16 |
2016-06-15 |
4.6 |
None |
Remote |
High |
Single system |
Partial |
Partial |
Partial |
The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote attackers to gain privileges by creating a reserved name. |
36919 |
CVE-2015-1808 |
20 |
|
DoS |
2015-10-16 |
2016-06-15 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
None |
Partial |
Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial of service (improper plug-in and tool installation) via crafted update center data. |
36920 |
CVE-2015-1807 |
22 |
|
Dir. Trav. |
2015-10-16 |
2016-06-15 |
3.5 |
None |
Remote |
Medium |
Single system |
Partial |
None |
None |
Directory traversal vulnerability in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with certain permissions to read arbitrary files via a symlink, related to building artifacts. |
36921 |
CVE-2015-1806 |
264 |
|
Exec Code +Priv |
2015-10-16 |
2016-06-15 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
The combination filter Groovy script in Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users with job configuration permission to gain privileges and execute arbitrary code on the master via unspecified vectors. |
36922 |
CVE-2015-1800 |
200 |
|
+Info |
2017-08-24 |
2017-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The samsung_extdisp driver in the Samsung S4 (GT-I9500) I9500XXUEMK8 kernel 3.4 and earlier allows attackers to potentially obtain sensitive information. |
36923 |
CVE-2015-1799 |
17 |
|
DoS |
2015-04-08 |
2018-01-04 |
4.3 |
None |
Local Network |
Medium |
Not required |
None |
Partial |
Partial |
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer. |
36924 |
CVE-2015-1798 |
17 |
|
|
2015-04-08 |
2018-01-04 |
1.8 |
None |
Local Network |
High |
Not required |
None |
Partial |
None |
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. |
36925 |
CVE-2015-1796 |
254 |
|
|
2015-07-08 |
2016-11-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The PKIX trust engines in Shibboleth Identity Provider before 2.4.4 and OpenSAML Java (OpenSAML-J) before 2.6.5 trust candidate X.509 credentials when no trusted names are available for the entityID, which allows remote attackers to impersonate an entity via a certificate issued by a shibmd:KeyAuthority trust anchor. |
36926 |
CVE-2015-1794 |
189 |
|
DoS |
2015-12-06 |
2017-09-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message. |
36927 |
CVE-2015-1793 |
254 |
|
|
2015-07-09 |
2018-11-30 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
The X509_verify_cert function in crypto/x509/x509_vfy.c in OpenSSL 1.0.1n, 1.0.1o, 1.0.2b, and 1.0.2c does not properly process X.509 Basic Constraints cA values during identification of alternative certificate chains, which allows remote attackers to spoof a Certification Authority role and trigger unintended certificate verifications via a valid leaf certificate. |
36928 |
CVE-2015-1792 |
399 |
|
DoS |
2015-06-12 |
2017-11-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The do_free_upto function in crypto/cms/cms_smime.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (infinite loop) via vectors that trigger a NULL value of a BIO data structure, as demonstrated by an unrecognized X.660 OID for a hash function. |
36929 |
CVE-2015-1791 |
362 |
|
DoS |
2015-06-12 |
2017-11-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Race condition in the ssl3_get_new_session_ticket function in ssl/s3_clnt.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b, when used for a multi-threaded client, allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact by providing a NewSessionTicket during an attempt to reuse a ticket that had been obtained earlier. |
36930 |
CVE-2015-1790 |
|
|
DoS |
2015-06-12 |
2017-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The PKCS7_dataDecodefunction in crypto/pkcs7/pk7_doit.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a PKCS#7 blob that uses ASN.1 encoding and lacks inner EncryptedContent data. |
36931 |
CVE-2015-1789 |
119 |
|
DoS Overflow |
2015-06-12 |
2017-11-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The X509_cmp_time function in crypto/x509/x509_vfy.c in OpenSSL before 0.9.8zg, 1.0.0 before 1.0.0s, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted length field in ASN1_TIME data, as demonstrated by an attack against a server that supports client authentication with a custom verification callback. |
36932 |
CVE-2015-1788 |
399 |
|
DoS |
2015-06-12 |
2017-11-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication. |
36933 |
CVE-2015-1787 |
20 |
|
DoS |
2015-03-19 |
2018-11-29 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when client authentication and an ephemeral Diffie-Hellman ciphersuite are enabled, allows remote attackers to cause a denial of service (daemon crash) via a ClientKeyExchange message with a length of zero. |
36934 |
CVE-2015-1786 |
352 |
|
CSRF |
2017-06-08 |
2017-06-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers. |
36935 |
CVE-2015-1783 |
119 |
|
DoS Overflow |
2017-08-11 |
2017-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors. |
36936 |
CVE-2015-1782 |
20 |
|
DoS |
2015-03-13 |
2017-01-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet. |
36937 |
CVE-2015-1781 |
119 |
|
DoS Exec Code Overflow |
2015-09-28 |
2016-12-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer. |
36938 |
CVE-2015-1777 |
295 |
|
|
2018-04-12 |
2019-04-22 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack. |
36939 |
CVE-2015-1776 |
200 |
|
+Info |
2016-04-19 |
2016-11-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Apache Hadoop 2.6.x encrypts intermediate data generated by a MapReduce job and stores it along with the encryption key in a credentials file on disk when the Intermediate data encryption feature is enabled, which allows local users to obtain sensitive information by reading the file. |
36940 |
CVE-2015-1775 |
|
|
|
2015-11-02 |
2015-11-03 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Server-side request forgery (SSRF) vulnerability in the proxy endpoint (api/v1/proxy) in Apache Ambari before 2.1.0 allows remote authenticated users to conduct port scans and access unsecured services via a crafted REST call. |
36941 |
CVE-2015-1774 |
119 |
|
DoS Exec Code Overflow |
2015-04-28 |
2017-01-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write. |
36942 |
CVE-2015-1773 |
79 |
|
XSS |
2015-04-07 |
2015-10-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in asdoc/templates/index.html in Apache Flex before 4.14.1 allows remote attackers to inject arbitrary web script or HTML by providing a crafted URI to JavaScript code generated by the asdoc component. |
36943 |
CVE-2015-1772 |
287 |
|
Bypass |
2015-12-21 |
2017-03-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The LDAP implementation in HiveServer2 in Apache Hive before 1.0.1 and 1.1.x before 1.1.1, as used in IBM InfoSphere BigInsights 3.0, 3.0.0.1, and 3.0.0.2 and other products, mishandles simple unauthenticated and anonymous bind configurations, which allows remote attackers to bypass authentication via a crafted LDAP request. |
36944 |
CVE-2015-1771 |
352 |
|
CSRF |
2015-06-09 |
2018-10-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in the web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allows remote attackers to hijack the authentication of arbitrary users, aka "Exchange Cross-Site Request Forgery Vulnerability." |
36945 |
CVE-2015-1765 |
200 |
|
+Info |
2015-06-09 |
2018-10-12 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site. |
36946 |
CVE-2015-1764 |
|
|
Bypass |
2015-06-09 |
2018-10-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allow remote attackers to bypass the Same Origin Policy and send HTTP traffic to intranet servers via a crafted request, related to a Server-Side Request Forgery (SSRF) issue, aka "Exchange Server-Side Request Forgery Vulnerability." |
36947 |
CVE-2015-1761 |
284 |
|
+Priv |
2015-07-14 |
2018-10-12 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "SQL Server Elevation of Privilege Vulnerability." |
36948 |
CVE-2015-1758 |
|
|
+Priv |
2015-06-09 |
2018-10-12 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
Untrusted search path vulnerability in the LoadLibrary function in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, aka "Windows LoadLibrary EoP Vulnerability." |
36949 |
CVE-2015-1757 |
79 |
|
XSS |
2015-06-09 |
2018-10-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 allows remote attackers to inject arbitrary web script or HTML via the wct parameter, aka "ADFS XSS Elevation of Privilege Vulnerability." |
36950 |
CVE-2015-1748 |
264 |
|
+Priv |
2015-06-09 |
2018-10-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743. |