2015 CVE Vulnerabilities
8,779 CVEs published in 2015.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2015-9098 | CRITICAL | 9.8 | 14.2% | Jun 22, 2017 | In Redgate SQL Monitor before 3.10 and 4.x before 4.2, a remote attacker can gain unauthenticated access to the Base Mon... |
| CVE-2015-0936 | CRITICAL | 9.8 | 78.1% | Jun 1, 2017 | Ceragon FibeAir IP-10 have a default SSH public key in the authorized_keys file for the mateidu user, which allows remot... |
| CVE-2015-5211 | CRITICAL | 9.6 | 2.6% | May 25, 2017 | Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versio... |
| CVE-2015-2888 | CRITICAL | 9.8 | 2.3% | Apr 10, 2017 | Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to bypass authentication, related to the... |
| CVE-2015-8965 | CRITICAL | 9.8 | 2.7% | Apr 6, 2017 | Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbitrary Java code that... |
| CVE-2015-8972 | CRITICAL | 9.8 | 3.8% | Jan 23, 2017 | Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess (aka gnuchess) before 6.2.4 mi... |
| CVE-2015-8857 | CRITICAL | 9.8 | 3.6% | Jan 23, 2017 | The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean ... |
| CVE-2015-3210 | CRITICAL | 9.8 | 9.2% | Dec 13, 2016 | Heap-based buffer overflow in PCRE 8.34 through 8.37 and PCRE2 10.10 allows remote attackers to execute arbitrary code v... |
| CVE-2015-8969 | CRITICAL | 9.8 | 4.8% | Nov 3, 2016 | git-fastclone before 1.0.5 passes user modifiable strings directly to a shell command. An attacker can execute malicious... |
| CVE-2015-0573 | CRITICAL | 9.8 | 1.7% | Aug 7, 2016 | drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Ce... |
| CVE-2015-8880 | CRITICAL | 9.8 | 3.0% | May 22, 2016 | Double free vulnerability in the format printer in PHP 7.x before 7.0.1 allows remote attackers to have an unspecified i... |
| CVE-2015-8866 | CRITICAL | 9.6 | 4.0% | May 22, 2016 | ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from... |
| CVE-2015-8812 | CRITICAL | 9.8 | 14.3% | Apr 27, 2016 | drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which ... |
| CVE-2015-8841 | CRITICAL | 9.8 | 8.9% | Apr 12, 2016 | Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to ex... |
| CVE-2015-8710 | CRITICAL | 9.8 | 4.8% | Apr 11, 2016 | The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denia... |
| CVE-2015-7921 | CRITICAL | 9.1 | 2.0% | Apr 6, 2016 | The FTP server in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFX... |
| CVE-2015-8787 | CRITICAL | 9.8 | 9.2% | Feb 8, 2016 | The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attack... |
| CVE-2015-7512 | CRITICAL | 9 | 7.7% | Jan 8, 2016 | Buffer overflow in the pcnet_receive function in hw/net/pcnet.c in QEMU, when a guest NIC has a larger MTU, allows remot... |
| CVE-2015-8668 | CRITICAL | 9.8 | 13.7% | Jan 8, 2016 | Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier ... |
| CVE-2015-7450 | CRITICAL | 9.8 | 97.7% | Jan 2, 2016 | Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and ... |
| CVE-2015-7755 | CRITICAL | 9.8 | 61.4% | Dec 19, 2015 | Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r... |
| CVE-2015-6420 | CRITICAL | 9.8 | 18.8% | Dec 15, 2015 | Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Netw... |
| CVE-2015-6764 | CRITICAL | 9.8 | 4.7% | Dec 6, 2015 | The BasicJsonStringifier::SerializeJSArray function in json-stringifier.h in the JSON stringifier in Google V8, as used ... |
| CVE-2015-8394 | CRITICAL | 9.8 | 4.8% | Dec 2, 2015 | PCRE before 8.38 mishandles the (?(<digits>) and (?(R<digits>) conditions, which allows remote attackers to cause a deni... |
| CVE-2015-8391 | CRITICAL | 9.8 | 6.4% | Dec 2, 2015 | The pcre_compile function in pcre_compile.c in PCRE before 8.38 mishandles certain [: nesting, which allows remote attac... |
Check if your code is affected by 2015 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now