Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-01-08 | CVE-2015-8754 | Permissions, Privileges, and Access Controls vulnerability in Acquia Mollom The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended access restrictions and modify the mollom blacklist via unspecified vectors. | 7.5 |
2016-01-08 | CVE-2015-8612 | Permissions, Privileges, and Access Controls vulnerability in Blueman Project Blueman 1.99/2.0 The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument. | 8.4 |
2016-01-08 | CVE-2015-8597 | Unspecified vulnerability in Bluecoat Advanced Secure Gateway and Proxysg Open redirect vulnerability in Blue Coat ProxySG 6.5 before 6.5.8.8 and 6.6 and Advanced Secure Gateway (ASG) 6.6 might allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in conjunction with a "clear text" one in a coaching page, as demonstrated by "http://www.%humbug-URL%.local/bluecoat-splash-API?%BASE64-URL%." | 7.4 |
2016-01-08 | CVE-2015-8547 | Code vulnerability in multiple products The CoreUserInputHandler::doMode function in core/coreuserinputhandler.cpp in Quassel 0.10.0 allows remote attackers to cause a denial of service (application crash) via the "/op *" command in a query. | 7.5 |
2016-01-08 | CVE-2015-7754 | Improper Input Validation vulnerability in Juniper Screenos 6.3.0 Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation. | 8.1 |
2016-01-08 | CVE-2015-7362 | Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient Fortinet FortiClient Linux SSLVPN before build 2313, when installed on Linux in a home directory that is world readable and executable, allows local users to gain privileges via the helper/subroc setuid program. | 7.8 |
2016-01-08 | CVE-2015-6856 | Permissions, Privileges, and Access Controls vulnerability in Dell Pre-Boot Authentication Driver 1.0.1.5 Dell Pre-Boot Authentication Driver (PBADRV.sys) 1.0.1.5 allows local users to write to arbitrary physical memory locations and gain privileges via a 0x0022201c IOCTL call. | 7.8 |
2016-01-08 | CVE-2015-5259 | Numeric Errors vulnerability in Apache Subversion 1.9.0/1.9.1/1.9.2 Integer overflow in the read_string function in libsvn_ra_svn/marshal.c in Apache Subversion 1.9.x before 1.9.3 allows remote attackers to execute arbitrary code via an svn:// protocol string, which triggers a heap-based buffer overflow and an out-of-bounds read. | 8.6 |
2016-01-08 | CVE-2016-1131 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in DX Library Project DX Library 3.15E Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string. | 7.8 |
2016-01-08 | CVE-2015-6862 | Improper Access Control vulnerability in HP Ucmdb Browser 4.0.1 HPE UCMDB Browser before 4.02 allows remote attackers to obtain sensitive information or bypass intended access restrictions via unspecified vectors. | 8.4 |