CVE-2015-7435

LOW Year: 2015
CVSS v3 Score
2.5
Low
CVSS v2 Score
1.9
Low
Weakness Type
CWE-254
View all →

Vulnerability Description

IBM Tivoli Common Reporting (TCR) 2.1 before IF14, 2.1.1 before IF22, 2.1.1.2 before IF9, 3.1.0.0 through 3.1.2 as used in Cognos Business Intelligence before 10.2 IF16, and 3.1.2.1 as used in Cognos Business Intelligence before 10.2.1.1 IF12 allows local users to bypass the Cognos Application Firewall (CAF) protection mechanism via leading whitespace in the BackURL field.

Related Vulnerabilities

CVE-2015-8801

LOW
CVSS:2.9(Low)

Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations befor...

CWE-2542015

CVE-2017-2752

LOW
CVSS:2.1(Low)

A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, ...

CWE-2542017

CVE-2016-8314

LOW
CVSS:3.1(Low)

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Core). Supported versions that are affected are 5.1.0, 5.2.0 and 11.5.0. Difficult ...

CWE-2542016

CVE-2016-0137

LOW
CVSS:3.3(Low)

The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."

CWE-2542016

CVE-2016-10772

LOW
CVSS:3.3(Low)

cPanel before 60.0.25 does not enforce feature-list restrictions when calling the multilang adminbin (SEC-168).

CWE-2542016

CVE-2016-3354

LOW
CVSS:3.3(Low)

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold...

CWE-2542016