Total
5269 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-1608 | 1 Topline Systems | 1 Opportunity Form | 2026-06-17 | 4.0 MEDIUM | N/A |
| Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not properly restrict access to database-connection strings, which allows attackers to read the cleartext version of sensitive credential and e-mail address information via unspecified vectors. | |||||
| CVE-2015-1599 | 1 Siemens | 1 Spcanywhere | 2026-06-17 | 2.1 LOW | N/A |
| The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass intended access restrictions by leveraging a filesystem architectural error. | |||||
| CVE-2015-1593 | 1 Linux | 1 Linux Kernel | 2026-06-17 | 5.0 MEDIUM | N/A |
| The stack randomization feature in the Linux kernel before 3.19.1 on 64-bit platforms uses incorrect data types for the results of bitwise left-shift operations, which makes it easier for attackers to bypass the ASLR protection mechanism by predicting the address of the top of the stack, related to the randomize_stack_top function in fs/binfmt_elf.c and the stack_maxrandom_size function in arch/x86/mm/mmap.c. | |||||
| CVE-2015-1591 | 1 Kamailio | 1 Kamailio | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| The kamailio build in kamailio before 4.2.0-2 process allows local users to gain privileges. | |||||
| CVE-2015-1590 | 1 Kamailio | 1 Kamailio | 2026-06-17 | 4.6 MEDIUM | 7.8 HIGH |
| The kamcmd administrative utility and default configuration in kamailio before 4.3.0 use /tmp/kamailio_ctl. | |||||
| CVE-2015-1551 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2026-06-17 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-1515 | 1 Softsphere | 1 Defensewall Personal Firewall | 2026-06-17 | 7.2 HIGH | N/A |
| The dwall.sys driver in SoftSphere DefenseWall Personal Firewall 3.24 allows local users to write data to arbitrary memory locations, and consequently gain privileges, via a crafted 0x00222000, 0x00222004, 0x00222008, 0x0022200c, or 0x00222010 IOCTL call. | |||||
| CVE-2015-1499 | 1 Samsung | 1 Samsung Security Manager | 2026-06-17 | 8.5 HIGH | N/A |
| The ActiveMQ Broker in Samsung Security Manager (SSM) before 1.31 allows remote attackers to delete arbitrary files, and consequently cause a denial of service, via a DELETE request. | |||||
| CVE-2015-1498 | 1 Persistent Systems | 1 Radia Client Automation | 2026-06-17 | 10.0 HIGH | N/A |
| Persistent Systems Radia Client Automation does not properly restrict access to certain request, which allows remote attackers to (1) enumerate user accounts via a getUsers request, (2) assign a role to a user account via an addAssigneesToRole request, (3) remove a role from a user account via a removeAssigneesFromRole request, or (4) have other unspecified impact. | |||||
| CVE-2015-1496 | 1 Motorola | 1 Motorola Scanner Sdk | 2026-06-17 | 7.2 HIGH | N/A |
| Motorola Scanner SDK uses weak permissions for (1) CoreScanner.exe, (2) rsmdriverproviderservice.exe, and (3) ScannerService.exe, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2015-1489 | 1 Symantec | 1 Endpoint Protection Manager | 2026-06-17 | 8.5 HIGH | N/A |
| The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors. | |||||
| CVE-2015-1481 | 1 Ansible | 1 Tower | 2026-06-17 | 6.5 MEDIUM | N/A |
| Ansible Tower (aka Ansible UI) before 2.0.5 allows remote organization administrators to gain privileges by creating a superuser account. | |||||
| CVE-2015-1469 | 1 Servision | 2 Hvg400, Hvg Video Gateway Firmware | 2026-06-17 | 9.0 HIGH | N/A |
| time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930. | |||||
| CVE-2015-1460 | 1 Huawei | 10 Quidway Firmware, Quidway S2350, Quidway S2750 and 7 more | 2026-06-17 | 7.5 HIGH | N/A |
| Huawei Quidway switches with firmware before V200R005C00SPC300 allows remote attackers to gain privileges via a crafted packet. | |||||
| CVE-2015-1458 | 1 Fortinet | 1 Fortiauthenticator | 2026-06-17 | 6.9 MEDIUM | N/A |
| Fortinet FortiAuthenticator 3.0.0 allows local users to bypass intended restrictions and gain privileges by creating /tmp/privexec/dbgcore_enable_shell_access and executing the "shell" command. | |||||
| CVE-2015-1448 | 1 Siemens | 5 Ruggedcom Firmware, Ruggedcom Win5100, Ruggedcom Win5200 and 2 more | 2026-06-17 | 10.0 HIGH | N/A |
| The integrated management service on Siemens Ruggedcom WIN51xx devices with firmware before SS4.4.4624.35, WIN52xx devices with firmware before SS4.4.4624.35, WIN70xx devices with firmware before BS4.4.4621.32, and WIN72xx devices with firmware before BS4.4.4621.32 allows remote attackers to bypass authentication and perform administrative actions via unspecified vectors. | |||||
| CVE-2015-1416 | 1 Freebsd | 1 Freebsd | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file. | |||||
| CVE-2015-1378 | 1 Grml | 1 Grml-debootstrap | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| cmdlineopts.clp in grml-debootstrap in Debian 0.54, 0.68.x before 0.68.1, 0.7x before 0.78 is sourced without checking that the local directory is writable by non-root users. | |||||
| CVE-2015-1375 | 1 Pixabay Images Project | 1 Pixabay Images | 2026-06-17 | 7.5 HIGH | N/A |
| pixabay-images.php in the Pixabay Images plugin before 2.4 for WordPress does not properly restrict access to the upload functionality, which allows remote attackers to write to arbitrary files. | |||||
| CVE-2015-1356 | 1 Siemens | 1 Simatic Step 7 | 2026-06-17 | 4.4 MEDIUM | N/A |
| Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 determines a user's privileges on the basis of project-file fields that lack integrity protection, which allows remote attackers to establish arbitrary authorization data via a modified file. | |||||
