Export limit exceeded: 16515 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 365340 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 365340 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (5493 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2015-0257 1 Redhat 2 Enterprise Virtualization Manager, Rhev Manager 2025-04-12 N/A
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.
CVE-2015-0266 1 Apache 1 Ranger 2025-04-12 N/A
The Policy Admin Tool in Apache Ranger before 0.5.0 allows remote authenticated users to bypass intended access restrictions via direct access to module URLs.
CVE-2015-0818 2 Mozilla, Redhat 4 Firefox, Firefox Esr, Seamonkey and 1 more 2025-04-12 N/A
Mozilla Firefox before 36.0.4, Firefox ESR 31.x before 31.5.3, and SeaMonkey before 2.33.1 allow remote attackers to bypass the Same Origin Policy and execute arbitrary JavaScript code with chrome privileges via vectors involving SVG hash navigation.
CVE-2015-0821 3 Canonical, Mozilla, Opensuse 3 Ubuntu Linux, Firefox, Opensuse 2025-04-12 N/A
Mozilla Firefox before 36.0 allows user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions.
CVE-2015-0856 2 Fedoraproject, Sddm Project 2 Fedora, Sddm 2025-04-12 N/A
daemon/Greeter.cpp in sddm before 0.13.0 does not properly disable the KDE crash handler, which allows local users to gain privileges by crashing a greeter when using certain themes, as demonstrated by the plasma-workspace breeze theme.
CVE-2015-0861 2 Debian, Tryton 2 Debian Linux, Trytond 2025-04-12 N/A
model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records.
CVE-2015-0932 1 Antlabs 7 Inngate Ig 3.00 E, Inngate Ig 3.01 E, Inngate Ig 3.02 E and 4 more 2025-04-12 N/A
The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on port 873.
CVE-2015-0951 1 Qualiteam 1 X-cart 2025-04-12 N/A
X-Cart before 5.1.11 allows remote authenticated users to read or delete address data of arbitrary accounts via a modified (1) update or (2) remove request.
CVE-2015-0981 1 Scadaengine 1 Bacnet Opc Server 2025-04-12 N/A
The SOAP web interface in SCADA Engine BACnet OPC Server before 2.1.371.24 allows remote attackers to bypass authentication and read or write to arbitrary database fields via unspecified vectors.
CVE-2015-1448 1 Siemens 5 Ruggedcom Firmware, Ruggedcom Win5100, Ruggedcom Win5200 and 2 more 2025-04-12 N/A
The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors.
CVE-2015-1458 1 Fortinet 1 Fortiauthenticator 2025-04-12 N/A
Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command.
CVE-2015-1460 1 Huawei 10 Quidway Firmware, Quidway S2350, Quidway S2750 and 7 more 2025-04-12 N/A
Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet.
CVE-2015-1469 1 Servision 2 Hvg400, Hvg Video Gateway Firmware 2025-04-12 N/A
time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930.
CVE-2015-1481 1 Ansible 1 Tower 2025-04-12 N/A
Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account.
CVE-2015-1489 1 Symantec 1 Endpoint Protection Manager 2025-04-12 N/A
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.
CVE-2015-1496 1 Motorola 1 Motorola Scanner Sdk 2025-04-12 N/A
Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors.
CVE-2015-1498 1 Persistent Systems 1 Radia Client Automation 2025-04-12 N/A
Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to (1) enumerate user accounts via a getUsers request, (2) assign a role to a user account via an addAssigneesToRole request, (3) remove a role from a user account via a removeAssigneesFromRole request, or (4) have other unspecified impact.
CVE-2015-1499 1 Samsung 1 Samsung Security Manager 2025-04-12 N/A
The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request.
CVE-2015-1515 1 Softsphere 1 Defensewall Personal Firewall 2025-04-12 N/A
The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call.
CVE-2015-1551 1 Arubanetworks 1 Clearpass Policy Manager 2025-04-12 N/A
Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to read arbitrary files via unspecified vectors.