Vulnerabilities > Code
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-10-19 | CVE-2015-0275 | Code vulnerability in Linux Kernel. The ext4_zero_range function in fs/ext4/extents.c in the Linux kernel before 4.1 allows local users to cause a denial of service (BUG) via a crafted fallocate zero-range request. | 4.9 |
2015-10-09 | CVE-2015-5915 | Code vulnerability in Apple Mac OS X. Apple OS X before 10.11 does not ensure that the keychain's lock state is displayed correctly, which has unspecified impact and attack vectors. | 5.0 |
2015-10-09 | CVE-2015-5914 | Code vulnerability in Apple Mac OS X. The EFI component in Apple OS X before 10.11 allows physically proximate attackers to modify firmware during the EFI update process by inserting an Apple Ethernet Thunderbolt adapter with crafted code in an Option ROM, aka a "Thunderstrike" issue. | 4.7 |
2015-10-09 | CVE-2015-5894 | Code vulnerability in Apple Mac OS X. The X.509 certificate-trust implementation in Apple OS X before 10.11 does not recognize that the kSecRevocationRequirePositiveResponse flag implies a revocation-checking requirement, which makes it easier for man-in-the-middle attackers to spoof endpoints by leveraging access to a revoked certificate. | 4.3 |
2015-10-09 | CVE-2015-5887 | Code vulnerability in Apple Mac OS X. The TLS Handshake Protocol implementation in Secure Transport in Apple OS X before 10.11 accepts a Certificate Request message within a session in which no Server Key Exchange message has been sent, which allows remote attackers to have an unspecified impact via crafted TLS data. | 10.0 |
2015-10-01 | CVE-2015-7311 | Code vulnerability in Xen. libxl in Xen 4.1.x through 4.6.x does not properly handle the readonly flag on disks when using the qemu-xen device model, which allows local guest users to write to a read-only disk image. | 3.6 |
2015-09-18 | CVE-2015-5912 | Code vulnerability in Apple iPhone OS and Mac OS X. The CFNetwork FTPProtocol component in Apple iOS before 9 allows remote FTP proxy servers to trigger TCP connection attempts to intranet hosts via crafted responses. | 5.0 |
2015-09-09 | CVE-2015-2535 | Code vulnerability in Microsoft Windows Server 2008 and Windows Server 2012. Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka "Active Directory Denial of Service Vulnerability." | 4.0 |
2015-09-09 | CVE-2015-2526 | Code vulnerability in Microsoft .NET Framework. Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability." | 5.0 |
2015-09-08 | CVE-2015-1841 | Code vulnerability in Red Hat Enterprise Virtualization 3.0. The Web Admin interface in Red Hat Enterprise Virtualization Manager (RHEV-M) allows local users to bypass the timeout function by selecting a VM in the VM grid view. | 3.7 |