Export limit exceeded: 16272 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 336750 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (8949 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-5770 | 1 Apple | 1 Iphone Os | 2025-04-12 | N/A |
| MobileInstallation in Apple iOS before 8.4.1 does not ensure the uniqueness of universal provisioning profile bundle IDs, which allows attackers to replace arbitrary extensions via a crafted enterprise app. | ||||
| CVE-2015-5222 | 1 Redhat | 1 Openshift | 2025-04-12 | N/A |
| Red Hat OpenShift Enterprise 3.0.0.0 does not properly check permissions, which allows remote authenticated users with build permissions to execute arbitrary shell commands with root permissions on arbitrary build pods via unspecified vectors. | ||||
| CVE-2015-5217 | 1 Ipsilon Project | 1 Ipsilon | 2025-04-12 | N/A |
| providers/saml2/admin.py in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly check permissions to update the SAML2 Service Provider (SP) owner, which allows remote authenticated users to cause a denial of service via a duplicate SP name. | ||||
| CVE-2015-5198 | 2 Canonical, Libvdpau Project | 2 Ubuntu Linux, Libvdpau | 2025-04-12 | N/A |
| libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAU_DRIVER_PATH environment variable. | ||||
| CVE-2015-5167 | 1 Apache | 1 Ranger | 2025-04-12 | N/A |
| The Policy Admin Tool in Apache Ranger before 0.5.1 allows remote authenticated users to bypass intended access restrictions via the REST API. | ||||
| CVE-2015-5166 | 2 Fedoraproject, Xen | 2 Fedora, Xen | 2025-04-12 | N/A |
| Use-after-free vulnerability in QEMU in Xen 4.5.x and earlier does not completely unplug emulated block devices, which allows local HVM guest users to gain privileges by unplugging a block device twice. | ||||
| CVE-2015-5157 | 2 Linux, Redhat | 9 Linux Kernel, Enterprise Linux, Enterprise Linux Desktop and 6 more | 2025-04-12 | N/A |
| arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI. | ||||
| CVE-2015-5106 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-4446 and CVE-2015-5090. | ||||
| CVE-2015-5090 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-04-12 | N/A |
| Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-4446 and CVE-2015-5106. | ||||
| CVE-2015-5051 | 1 Ibm | 9 Maximo Asset Management, Maximo Asset Management Essentials, Maximo For Government and 6 more | 2025-04-12 | N/A |
| IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset Management 7.5 before 7.5.0.8 IF6, 7.5.1, and 7.6 before 7.6.0.2 IF1 for SmartCloud Control Desk allow remote authenticated users to bypass intended access restrictions on query results via unspecified vectors. | ||||
| CVE-2015-5043 | 1 Ibm | 1 Security Guardium | 2025-04-12 | N/A |
| diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, 9.5, and 10.0 before p6015 allows local users to obtain root access via unspecified key sequences. | ||||
| CVE-2015-5020 | 1 Ibm | 1 Infosphere Biginsights | 2025-04-12 | N/A |
| The Big SQL component in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0 allows remote authenticated users to bypass intended access restrictions and truncate arbitrary tables via unspecified vectors. | ||||
| CVE-2015-5019 | 1 Ibm | 2 Sterling B2b Integrator, Sterling Integrator | 2025-04-12 | N/A |
| IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow remote authenticated users to read or upload files by leveraging a password-change requirement. | ||||
| CVE-2015-5005 | 1 Ibm | 2 Aix, Powerha System Mirror | 2025-04-12 | N/A |
| CSPOC in IBM PowerHA SystemMirror on AIX 6.1 and 7.1 allows remote authenticated users to perform an "su root" action by leveraging presence on the cluster-wide password-change list. | ||||
| CVE-2015-4997 | 1 Ibm | 1 Websphere Portal | 2025-04-12 | N/A |
| IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access restrictions via a crafted request. | ||||
| CVE-2015-4964 | 1 Ibm | 1 Urbancode Deploy | 2025-04-12 | N/A |
| IBM UrbanCode Deploy 6.0 and 6.0.1.x before 6.0.1.10, 6.1.1.x before 6.1.1.8, and 6.1.2 writes admin AUTH_TOKEN values to execution logs, which allows remote authenticated users to gain privileges by leveraging the ability to create and execute a process. | ||||
| CVE-2015-4394 | 1 Services Project | 1 Services | 2025-04-12 | N/A |
| The Services module 7.x-3.x before 7.x-3.12 for Drupal allows remote attackers to bypass the field_access restriction and obtain sensitive private field information via unspecified vectors. | ||||
| CVE-2015-4389 | 1 Open Graph Importer Project | 1 Open Graph Importer | 2025-04-12 | N/A |
| The Open Graph Importer (og_tag_importer) 7.x-1.x for Drupal does not properly check the create permission for content types created during import, which allows remote authenticated users to bypass intended restrictions by leveraging the "import og_tag_importer" permission. | ||||
| CVE-2015-4351 | 1 Web-dorado | 1 Web-dorado Spider Video Player | 2025-04-12 | N/A |
| The Spider Video Player module for Drupal allows remote authenticated users with the "access Spider Video Player administration" permission to delete arbitrary files via a crafted URL. | ||||
| CVE-2015-4344 | 1 Services Basic Authentication Project | 1 Services Basic Authentication | 2025-04-12 | N/A |
| The Services Basic Authentication module 7.x-1.x through 7.x-1.3 for Drupal allows remote attackers to bypass intended resource restrictions via vectors related to page caching. | ||||