Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-08 | CVE-2015-7754 | Improper Input Validation vulnerability in Juniper Screenos 6.3.0 Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation. | 8.1 |
| 2016-01-08 | CVE-2015-7362 | Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc setuid program. | 7.8 |
| 2016-01-08 | CVE-2015-6856 | Permissions, Privileges, and Access Controls vulnerability in Dell Pre-Boot Authentication Driver 1.0.1.5 Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call. | 7.8 |
| 2016-01-08 | CVE-2015-5259 | Numeric Errors vulnerability in Apache Subversion 1.9.0/1.9.1/1.9.2 Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read. | 8.6 |
| 2016-01-08 | CVE-2016-1131 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in DX Library Project DX Library 3.15E Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string. | 7.8 |
| 2016-01-08 | CVE-2015-6862 | Improper Access Control vulnerability in HP Ucmdb Browser 4.0.1 HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors. | 8.4 |
| 2016-01-06 | CVE-2015-6647 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24441554. | 7.8 |
| 2016-01-06 | CVE-2015-6640 | Permissions, Privileges, and Access Controls vulnerability in Google Android The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application, aka internal bug 20017123. | 7.8 |
| 2016-01-06 | CVE-2015-6639 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875. | 7.8 |
| 2016-01-06 | CVE-2015-6638 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Imagination Technologies driver in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 24673908. | 7.8 |