# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
45251 |
CVE-2015-4197 |
20 |
|
DoS |
2015-06-20 |
2016-12-28 |
6.1 |
None |
Local Network |
Low |
Not required |
None |
None |
Complete |
Cisco NX-OS 5.2(5) on Nexus 7000 devices allows remote attackers to cause a denial of service (device crash) by sending a malformed LLDP packet on the local network, aka Bug ID CSCud89415. |
45252 |
CVE-2015-4196 |
255 |
|
|
2015-07-04 |
2016-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager (CDM) 8.x has a hardcoded password for a privileged account, which allows remote attackers to obtain root access by leveraging knowledge of this password and entering it in an SSH session, aka Bug ID CSCuq45546. |
45253 |
CVE-2015-4195 |
399 |
|
DoS |
2015-06-18 |
2016-12-28 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
Cisco IOS XR 5.1.1.K9SEC allows remote authenticated users to cause a denial of service (vty error, and SSH and TELNET outage) via a crafted disconnect action within an SSH session, aka Bug ID CSCul63127. |
45254 |
CVE-2015-4194 |
200 |
|
+Info |
2015-06-18 |
2016-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The web-based administrative interface in Cisco WebEx Meeting Center provides different error messages for failed login attempts depending on whether the username exists or corresponds to a privileged account, which allows remote attackers to enumerate account names and obtain sensitive information via a series of requests, aka Bug ID CSCuf28861. |
45255 |
CVE-2015-4191 |
399 |
|
DoS |
2015-06-18 |
2016-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Cisco IOS XR 5.2.1 allows remote attackers to cause a denial of service (ipv6_io service reload) via a malformed IPv6 packet, aka Bug ID CSCuq95565. |
45256 |
CVE-2015-4190 |
|
|
|
2015-06-17 |
2016-12-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cisco Cloud Portal in Cisco Prime Service Catalog 9.4.1_vortex on Cloud Portal appliances allows man-in-the-middle attackers to modify data via unspecified vectors, aka Bug ID CSCuh19683. |
45257 |
CVE-2015-4189 |
352 |
|
CSRF |
2015-06-23 |
2016-12-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework (DCAF) 1.4 allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCun26807. |
45258 |
CVE-2015-4188 |
89 |
|
Exec Code Sql |
2015-06-17 |
2016-12-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
SQL injection vulnerability in the Manager interface in Cisco Prime Collaboration 10.5(1) allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug IDs CSCuu29910, CSCuu29928, and CSCuu59104. |
45259 |
CVE-2015-4186 |
78 |
|
Exec Code +Priv |
2015-06-17 |
2016-12-07 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience (aka VXC) Client 6215 devices with firmware 11.2(27.4) allows local users to gain privileges for OS command execution via a crafted option value, aka Bug ID CSCug54412. |
45260 |
CVE-2015-4185 |
264 |
|
+Priv |
2015-06-13 |
2017-01-04 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
The TCL interpreter in Cisco IOS 15.2 does not properly maintain the vty state, which allows local users to gain privileges by starting a session very soon after a TCL script execution, aka Bug ID CSCuq24202. |
45261 |
CVE-2015-4184 |
20 |
|
Bypass |
2015-06-13 |
2017-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The anti-spam scanner on Cisco Email Security Appliance (ESA) devices 3.3.1-09, 7.5.1-gpl-022, and 8.5.6-074 allows remote attackers to bypass intended e-mail restrictions via a malformed DNS SPF record, aka Bug IDs CSCuu35853 and CSCuu37733. |
45262 |
CVE-2015-4183 |
78 |
|
Exec Code +Priv |
2015-06-17 |
2016-12-07 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution via a crafted CLI parameter, aka Bug ID CSCut32795. |
45263 |
CVE-2015-4182 |
264 |
|
Bypass +Info |
2015-06-12 |
2017-01-04 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
The administrative web interface in Cisco Identity Services Engine (ISE) before 1.3 allows remote authenticated users to bypass intended access restrictions, and obtain sensitive information or change settings, via unspecified vectors, aka Bug ID CSCui72087. |
45264 |
CVE-2015-4181 |
22 |
|
Dir. Trav. |
2017-08-25 |
2017-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this vulnerability exists due to an incomplete fix to CVE-2015-4180. |
45265 |
CVE-2015-4180 |
22 |
|
Dir. Trav. |
2017-08-25 |
2017-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this vulnerability exists due to an incomplete fix to CVE-2009-4050. |
45266 |
CVE-2015-4179 |
352 |
|
CSRF |
2018-02-05 |
2018-02-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Multiple cross-site request forgery (CSRF) vulnerabilities in the Codestyling Localization plugin 1.99.30 and earlier for Wordpress. |
45267 |
CVE-2015-4178 |
|
|
DoS |
2016-05-02 |
2016-05-06 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs_pin.c and include/linux/fs_pin.h. |
45268 |
CVE-2015-4177 |
|
|
DoS |
2016-05-02 |
2016-05-06 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call. |
45269 |
CVE-2015-4174 |
79 |
|
XSS |
2015-06-28 |
2016-12-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in the integrated web server on the Siemens Climatix BACnet/IP communication module with firmware before 10.34 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |
45270 |
CVE-2015-4173 |
|
|
+Priv |
2015-08-26 |
2018-10-09 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
Unquoted Windows search path vulnerability in the autorun value in Dell SonicWall NetExtender before 7.5.227 and 8.0.x before 8.0.238, as used in the SRA firmware before 7.5.1.2-40sv and 8.x before 8.0.0.3-23sv, allows local users to gain privileges via a Trojan horse program in the %SYSTEMDRIVE% folder. |
45271 |
CVE-2015-4170 |
362 |
|
DoS |
2016-05-02 |
2017-11-11 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
Race condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock) by establishing a new tty thread during shutdown of a previous tty thread. |
45272 |
CVE-2015-4167 |
189 |
|
DoS Overflow |
2015-08-05 |
2016-12-21 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem. |
45273 |
CVE-2015-4166 |
320 |
|
|
2017-03-23 |
2017-03-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key. |
45274 |
CVE-2015-4165 |
264 |
|
Exec Code |
2017-08-09 |
2018-10-09 |
6.0 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
Partial |
The snapshot API in Elasticsearch before 1.6.0 when another application exists on the system that can read Lucene files and execute code from them, is accessible by the attacker, and the Java VM on which Elasticsearch is running can write to a location that the other application can read and execute from, allows remote authenticated users to write to and create arbitrary snapshot metadata files, and potentially execute arbitrary code. |
45275 |
CVE-2015-4164 |
399 |
|
DoS |
2015-06-15 |
2018-10-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
The compat_iret function in Xen 3.1 through 4.5 iterates the wrong way through a loop, which allows local 32-bit PV guest administrators to cause a denial of service (large loop and system hang) via a hypercall_iret call with EFLAGS.VM set. |
45276 |
CVE-2015-4163 |
|
|
DoS |
2015-06-15 |
2018-10-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
GNTTABOP_swap_grant_ref in Xen 4.2 through 4.5 does not check the grant table operation version, which allows local guest domains to cause a denial of service (NULL pointer dereference) via a hypercall without a GNTTABOP_setup_table or GNTTABOP_set_version. |
45277 |
CVE-2015-4162 |
|
|
+Info |
2015-06-02 |
2016-11-28 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
XML external entity (XXE) vulnerability in the management interface in PAN-OS before 5.0.16, 6.x before 6.0.8, and 6.1.x before 6.1.4 allows remote authenticated administrators to obtain sensitive information via crafted XML data. |
45278 |
CVE-2015-4161 |
264 |
|
+Priv +Info |
2015-06-02 |
2016-12-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SAP Afaria does not properly restrict access to unspecified functionality, which allows remote attackers to obtain sensitive information, gain privileges, or have other unspecified impact via unknown vectors, SAP Security Note 2155690. |
45279 |
CVE-2015-4160 |
89 |
|
Exec Code Sql |
2015-06-02 |
2016-11-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in SAP ASE Database Platform allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes: 2152278. |
45280 |
CVE-2015-4159 |
89 |
|
Exec Code Sql |
2015-06-02 |
2016-11-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in SAP HANA Web-based Development Workbench allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Notes 2153892. |
45281 |
CVE-2015-4158 |
|
|
DoS |
2015-06-02 |
2016-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2121661. |
45282 |
CVE-2015-4157 |
|
|
DoS |
2015-06-02 |
2016-11-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
SAP Content Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2127995. |
45283 |
CVE-2015-4153 |
22 |
|
Dir. Trav. |
2015-06-10 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to include and execute arbitrary php files via a relative path in the template parameter in a load_template action to wp-admin/admin-ajax.php. |
45284 |
CVE-2015-4152 |
22 |
|
Dir. Trav. |
2015-06-15 |
2018-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
Directory traversal vulnerability in the file output plugin in Elasticsearch Logstash before 1.4.3 allows remote attackers to write to arbitrary files via vectors related to dynamic field references in the path option. |
45285 |
CVE-2015-4148 |
20 |
|
+Info |
2015-06-09 |
2018-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a "type confusion" issue. |
45286 |
CVE-2015-4147 |
19 |
|
Exec Code |
2015-06-09 |
2018-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The SoapClient::__call method in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that __default_headers is an array, which allows remote attackers to execute arbitrary code by providing crafted serialized data with an unexpected data type, related to a "type confusion" issue. |
45287 |
CVE-2015-4146 |
|
|
DoS |
2015-06-15 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before determining if a response should be fragmented, which allows remote attackers to cause a denial of service (crash) via a crafted message. |
45288 |
CVE-2015-4145 |
399 |
|
DoS |
2015-06-15 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being processed, which allows remote attackers to cause a denial of service (memory leak) via a crafted message. |
45289 |
CVE-2015-4144 |
119 |
|
DoS Overflow |
2015-06-15 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to contain the Total-Length field, which allows remote attackers to cause a denial of service (crash) via a crafted message. |
45290 |
CVE-2015-4143 |
119 |
|
DoS Overflow |
2015-06-15 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted (1) Commit or (2) Confirm message payload. |
45291 |
CVE-2015-4142 |
119 |
|
DoS Overflow |
2015-06-15 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Integer underflow in the WMM Action frame parser in hostapd 0.5.5 through 2.4 and wpa_supplicant 0.7.0 through 2.4, when used for AP mode MLME/SME functionality, allows remote attackers to cause a denial of service (crash) via a crafted frame, which triggers an out-of-bounds read. |
45292 |
CVE-2015-4141 |
119 |
|
DoS Overflow |
2015-06-15 |
2018-10-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
The WPS UPnP function in hostapd, when using WPS AP, and wpa_supplicant, when using WPS external registrar (ER), 0.7.0 through 2.4 allows remote attackers to cause a denial of service (crash) via a negative chunk length, which triggers an out-of-bounds read or heap-based buffer overflow. |
45293 |
CVE-2015-4140 |
352 |
|
XSS CSRF |
2015-06-18 |
2015-06-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Cross-site request forgery (CSRF) vulnerability in the WP Smiley plugin 1.4.1 for WordPress allows remote attackers to hijack the authentication of editors for requests that conduct cross-site scripting (XSS) attacks via the s4w-more parameter to the smilies4wp.php page to wp-admin/options-general.php. |
45294 |
CVE-2015-4138 |
200 |
|
+Info |
2015-05-30 |
2015-06-02 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
The WebUI component in Blue Coat SSL Visibility Appliance SV800, SV1800, SV2800, and SV3800 3.6.x through 3.8.x before 3.8.4 does not include the HTTPOnly flag in a Set-Cookie header for the administrator's cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, a different vulnerability than CVE-2015-2855. |
45295 |
CVE-2015-4137 |
89 |
|
Exec Code Sql |
2015-05-29 |
2016-12-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
SQL injection vulnerability in related.php in Milw0rm Clone Script 1.0 allows remote attackers to execute arbitrary SQL commands via the program parameter. |
45296 |
CVE-2015-4135 |
79 |
|
XSS |
2015-05-28 |
2016-12-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in goto.php in phpwind 8.7 allows remote attackers to inject arbitrary web script or HTML via the url parameter. |
45297 |
CVE-2015-4134 |
|
|
|
2015-05-28 |
2016-12-30 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Open redirect vulnerability in goto.php in phpwind 8.7 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. |
45298 |
CVE-2015-4133 |
|
|
Exec Code |
2015-05-28 |
2016-11-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Unrestricted file upload vulnerability in admin/scripts/FileUploader/php.php in the ReFlex Gallery plugin before 3.1.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in uploads/ directory. |
45299 |
CVE-2015-4129 |
89 |
|
Exec Code Sql |
2015-07-05 |
2016-11-28 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote authenticated users to execute arbitrary SQL commands via modified serialized data in a salt cookie. |
45300 |
CVE-2015-4127 |
79 |
|
XSS |
2015-05-28 |
2016-12-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Cross-site scripting (XSS) vulnerability in the church_admin plugin before 0.810 for WordPress allows remote attackers to inject arbitrary web script or HTML via the address parameter, as demonstrated by a request to index.php/2015/05/21/church_admin-registration-form/. |