2015 CVE Vulnerabilities
8,779 CVEs published in 2015.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2015-5684 | CRITICAL | 9.8 | 3.7% | Mar 27, 2020 | MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was ... |
| CVE-2015-0565 | CRITICAL | 10 | 13.3% | Feb 25, 2020 | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. |
| CVE-2015-7567 | CRITICAL | 9.8 | 3.7% | Feb 18, 2020 | SQL injection vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary SQL commands via the "passw... |
| CVE-2015-6970 | CRITICAL | 9.8 | 5.3% | Feb 18, 2020 | The web interface in Bosch Security Systems NBN-498 Dinion2X Day/Night IP Cameras with H.264 Firmware 4.54.0026 allows r... |
| CVE-2015-1425 | CRITICAL | 9.8 | 1.5% | Feb 18, 2020 | JAKWEB Gecko CMS has Multiple Input Validation Vulnerabilities |
| CVE-2015-6922 | CRITICAL | 9.8 | 82.1% | Feb 17, 2020 | Kaseya Virtual System Administrator (VSA) 7.x before 7.0.0.33, 8.x before 8.0.0.23, 9.0 before 9.0.0.19, and 9.1 before ... |
| CVE-2015-5617 | CRITICAL | 9.8 | 2.0% | Feb 12, 2020 | SQL injection vulnerability in pub/m_pending_news/delete_pending_news.jsp in Enorth Webpublisher CMS allows remote attac... |
| CVE-2015-5741 | CRITICAL | 9.8 | 2.7% | Feb 8, 2020 | The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remot... |
| CVE-2015-2909 | CRITICAL | 9.8 | 2.9% | Feb 6, 2020 | Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices rely on a GUI warning to help ensure that the... |
| CVE-2015-5628 | CRITICAL | 9.8 | 6.7% | Feb 5, 2020 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM... |
| CVE-2015-5627 | CRITICAL | 9.8 | 4.2% | Feb 5, 2020 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM... |
| CVE-2015-5626 | CRITICAL | 9.8 | 4.2% | Feb 5, 2020 | Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM... |
| CVE-2015-3613 | CRITICAL | 9.8 | 2.2% | Feb 4, 2020 | A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page |
| CVE-2015-8011 | CRITICAL | 9.8 | 5.4% | Jan 28, 2020 | Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to ... |
| CVE-2015-0244 | CRITICAL | 9.8 | 4.2% | Jan 27, 2020 | PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not ... |
| CVE-2015-4042 | CRITICAL | 9.8 | 2.3% | Jan 24, 2020 | Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to ... |
| CVE-2015-5334 | CRITICAL | 9.8 | 3.5% | Jan 23, 2020 | Off-by-one error in the OBJ_obj2txt function in LibreSSL before 2.3.1 allows remote attackers to cause a denial of servi... |
| CVE-2015-2784 | CRITICAL | 9.8 | 1.8% | Jan 21, 2020 | The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input. |
| CVE-2015-5952 | CRITICAL | 9.8 | 3.4% | Jan 15, 2020 | Directory traversal vulnerability in Thomson Reuters for FATCA before 5.2 allows remote attackers to execute arbitrary f... |
| CVE-2015-7874 | CRITICAL | 9.8 | 13.9% | Jan 15, 2020 | Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary ... |
| CVE-2015-8367 | CRITICAL | 9.8 | 5.5% | Jan 14, 2020 | The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbi... |
| CVE-2015-8366 | CRITICAL | 9.8 | 4.9% | Jan 14, 2020 | Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause me... |
| CVE-2015-5951 | CRITICAL | 9.9 | 2.7% | Jan 6, 2020 | A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to ... |
| CVE-2015-3166 | CRITICAL | 9.8 | 4.6% | Nov 20, 2019 | The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, a... |
| CVE-2015-8980 | CRITICAL | 9.8 | 6.7% | Nov 4, 2019 | The plural form formula in ngettext family of calls in php-gettext before 1.0.12 allows remote attackers to execute arbi... |
Check if your code is affected by 2015 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now