2015 CVE Vulnerabilities
8,779 CVEs published in 2015.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2015-8390 | CRITICAL | 9.8 | 4.6% | Dec 2, 2015 | PCRE before 8.38 mishandles the [: and \\ substrings in character classes, which allows remote attackers to cause a deni... |
| CVE-2015-8389 | CRITICAL | 9.8 | 3.9% | Dec 2, 2015 | PCRE before 8.38 mishandles the /(?:|a|){100}x/ pattern and related patterns, which allows remote attackers to cause a d... |
| CVE-2015-8386 | CRITICAL | 9.8 | 7.1% | Dec 2, 2015 | PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows re... |
| CVE-2015-8383 | CRITICAL | 9.8 | 6.1% | Dec 2, 2015 | PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of serv... |
| CVE-2015-8103 | CRITICAL | 9.8 | 86.8% | Nov 25, 2015 | The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary co... |
| CVE-2015-4852 | CRITICAL | 9.8 | 96.0% | Nov 18, 2015 | The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers ... |
| CVE-2015-8104 | CRITICAL | 10 | 2.5% | Nov 16, 2015 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denia... |
| CVE-2015-6490 | CRITICAL | 9.8 | 7.0% | Oct 28, 2015 | Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN ... |
| CVE-2015-0987 | CRITICAL | 10 | 1.2% | Oct 6, 2015 | Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext pa... |
| CVE-2015-0537 | CRITICAL | 9.8 | 2.6% | Aug 20, 2015 | Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 an... |
| CVE-2015-2590 | CRITICAL | 9.8 | 25.7% | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attac... |
| CVE-2015-5123 | CRITICAL | 9.8 | 18.5% | Jul 14, 2015 | Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13... |
| CVE-2015-5122 | CRITICAL | 9.8 | 93.7% | Jul 14, 2015 | Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player... |
| CVE-2015-5119 | CRITICAL | 9.8 | 99.3% | Jul 8, 2015 | Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.... |
| CVE-2015-0192 | CRITICAL | 9.8 | 4.5% | Jul 2, 2015 | Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR... |
| CVE-2015-3113 | CRITICAL | 9.8 | 99.9% | Jun 23, 2015 | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows an... |
| CVE-2015-4068 | CRITICAL | 9.1 | 63.6% | May 29, 2015 | Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive inform... |
| CVE-2015-3043 | CRITICAL | 9.8 | 79.8% | Apr 14, 2015 | Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457... |
| CVE-2015-1635 | CRITICAL | 9.8 | 100.0% | Apr 14, 2015 | HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold an... |
| CVE-2015-1427 | CRITICAL | 9.8 | 99.9% | Feb 17, 2015 | The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the s... |
| CVE-2015-0313 | CRITICAL | 9.8 | 95.7% | Feb 2, 2015 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows ... |
| CVE-2015-0311 | CRITICAL | 9.8 | 85.8% | Jan 23, 2015 | Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Window... |
Check if your code is affected by 2015 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now