Total
5268 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-8022 | 1 F5 | 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 11 more | 2026-06-17 | 8.5 HIGH | 7.5 HIGH |
| The Configuration utility in F5 BIG-IP LTM, Analytics, APM, ASM, GTM, and Link Controller 11.x before 11.2.1 HF16, 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AAM 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP AFM and PEM 11.3.x, 11.4.x before 11.4.1 HF10, 11.5.x before 11.5.4, and 11.6.x before 11.6.1; BIG-IP Edge Gateway, WebAccelerator, and WOM 11.x before 11.2.1 HF16 and 11.3.0; and BIG-IP PSM 11.x before 11.2.1 HF16, 11.3.x, and 11.4.x before 11.4.1 HF10 allows remote authenticated users with certain permissions to gain privileges by leveraging an Access Policy Manager customization configuration section that allows file uploads. | |||||
| CVE-2015-8004 | 1 Mediawiki | 1 Mediawiki | 2026-06-17 | 4.0 MEDIUM | N/A |
| MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly restrict access to revisions, which allows remote authenticated users with the viewsuppressed user right to remove revision suppressions via a crafted revisiondelete action, which returns a valid a change form. | |||||
| CVE-2015-7967 | 1 Gemalto | 1 Safenet Authentication Service For Citrix Web Interface Agent | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | |||||
| CVE-2015-7966 | 1 Gemalto | 1 Safenet Authentication Service Windows Logon Agent | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965. | |||||
| CVE-2015-7965 | 1 Gemalto | 1 Safenet Authentication Service Windows Logon Agent | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966. | |||||
| CVE-2015-7964 | 1 Gemalto | 1 Safenet Authentication Service For Nps Agent | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | |||||
| CVE-2015-7963 | 1 Gemalto | 1 Safenet Authentication Service For Ad Fs Agent | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| SafeNet Authentication Service for AD FS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | |||||
| CVE-2015-7962 | 1 Gemalto | 1 Safenet Authentication Service For Outlook Web App Agent | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | |||||
| CVE-2015-7961 | 1 Gemalto | 1 Safenet Authentication Service Remote Web Workplace Agent | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module. | |||||
| CVE-2015-7919 | 1 Searchblox | 1 Searchblox | 2026-06-17 | 6.4 MEDIUM | 10.0 CRITICAL |
| SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors. | |||||
| CVE-2015-7875 | 1 Chaos Tool Suite Project | 1 Ctools | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| ctools 6.x-1.x before 6.x-1.14 and 7.x-1.x before 7.x-1.8 in Drupal does not verify the "edit" permission for the "content type" plugins that are used on Panels and similar systems to place content and functionality on a page. | |||||
| CVE-2015-7862 | 1 Accelerite | 1 Radia Client Automation | 2026-06-17 | 5.0 MEDIUM | N/A |
| Persistent Accelerite Radia Client Automation (formerly HP Client Automation) 7.9 through 9.1 before 2015-02-19 improperly implements the Role Based Access Control feature, which might allow remote attackers to modify an account's role assignments via unspecified vectors. | |||||
| CVE-2015-7861 | 1 Accelerite | 1 Radia Client Automation | 2026-06-17 | 10.0 HIGH | N/A |
| Persistent Accelerite Radia Client Automation (formerly HP Client Automation), possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling. | |||||
| CVE-2015-7840 | 1 Solarwinds | 1 Log And Event Manager | 2026-06-17 | 7.5 HIGH | N/A |
| The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature. | |||||
| CVE-2015-7835 | 1 Xen | 1 Xen | 2026-06-17 | 7.2 HIGH | N/A |
| The mod_l2_entry function in arch/x86/mm.c in Xen 3.4 through 4.6.x does not properly validate level 2 page table entries, which allows local PV guest administrators to gain privileges via a crafted superpage mapping. | |||||
| CVE-2015-7818 | 2 Ibm, Lenovo | 2 System Networking Switch Center, Switch Center | 2026-06-17 | 7.2 HIGH | N/A |
| The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows local users to execute arbitrary JSP code with SYSTEM privileges by using the Apache Axis AdminService deployment method to install a .jsp file. | |||||
| CVE-2015-7809 | 1 Symfony | 1 Twig | 2026-06-17 | 6.8 MEDIUM | N/A |
| The displayBlock function Template.php in Sensio Labs Twig before 1.20.0, when Sandbox mode is enabled, allows remote attackers to execute arbitrary code via the _self variable in a template. | |||||
| CVE-2015-7792 | 1 Corega | 1 Cg-wlbargs Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| Corega CG-WLBARGS devices allow remote attackers to perform administrative operations via unspecified vectors. | |||||
| CVE-2015-7788 | 1 Asus | 2 Wl-330nul, Wl-330nul Firmware | 2026-06-17 | 5.8 MEDIUM | 7.3 HIGH |
| ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2015-7766 | 1 Zohocorp | 1 Manageengine Opmanager | 2026-06-17 | 9.0 HIGH | N/A |
| PGSQL:SubmitQuery.do in ZOHO ManageEngine OpManager 11.6, 11.5, and earlier allows remote administrators to bypass SQL query restrictions via a comment in the query to api/json/admin/SubmitQuery, as demonstrated by "INSERT/**/INTO." | |||||
