Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-5qe5-pke2-sbc7
Summary
Multiple vulnerabilities have been found in Adobe Flash Player, the
    worst of which allows remote attackers to execute arbitrary code.
Aliases
0
alias CVE-2015-5122
Fixed_packages
0
url pkg:ebuild/www-plugins/adobe-flash@11.2.202.508
purl pkg:ebuild/www-plugins/adobe-flash@11.2.202.508
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/www-plugins/adobe-flash@11.2.202.508
Affected_packages
0
url pkg:rpm/redhat/flash-plugin@11.2.202.491-1?arch=el6_6
purl pkg:rpm/redhat/flash-plugin@11.2.202.491-1?arch=el6_6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5qe5-pke2-sbc7
1
vulnerability VCID-fhjh-1f3w-7yds
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.491-1%3Farch=el6_6
1
url pkg:rpm/redhat/flash-plugin@11.2.202.491-1?arch=el5
purl pkg:rpm/redhat/flash-plugin@11.2.202.491-1?arch=el5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5qe5-pke2-sbc7
1
vulnerability VCID-fhjh-1f3w-7yds
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/flash-plugin@11.2.202.491-1%3Farch=el5
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5122.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5122.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5122
reference_id
reference_type
scores
0
value 0.9278
scoring_system epss
scoring_elements 0.99759
published_at 2026-04-13T12:55:00Z
1
value 0.9278
scoring_system epss
scoring_elements 0.99758
published_at 2026-04-04T12:55:00Z
2
value 0.9278
scoring_system epss
scoring_elements 0.99764
published_at 2026-04-26T12:55:00Z
3
value 0.9278
scoring_system epss
scoring_elements 0.99761
published_at 2026-04-21T12:55:00Z
4
value 0.9278
scoring_system epss
scoring_elements 0.99757
published_at 2026-04-01T12:55:00Z
5
value 0.9278
scoring_system epss
scoring_elements 0.99763
published_at 2026-04-24T12:55:00Z
6
value 0.9278
scoring_system epss
scoring_elements 0.9976
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5122
2
reference_url http://www.securitytracker.com/id/1032890
reference_id 1032890
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://www.securitytracker.com/id/1032890
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1242216
reference_id 1242216
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1242216
4
reference_url http://www.kb.cert.org/vuls/id/338736
reference_id 338736
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://www.kb.cert.org/vuls/id/338736
5
reference_url https://www.exploit-db.com/exploits/37599/
reference_id 37599
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://www.exploit-db.com/exploits/37599/
6
reference_url http://www.securityfocus.com/bid/75712
reference_id 75712
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://www.securityfocus.com/bid/75712
7
reference_url http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf
reference_id adobe_flash_opaque_background_uaf
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://www.rapid7.com/db/modules/exploit/multi/browser/adobe_flash_opaque_background_uaf
8
reference_url http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html
reference_id Adobe-Flash-opaqueBackground-Use-After-Free.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://packetstormsecurity.com/files/132663/Adobe-Flash-opaqueBackground-Use-After-Free.html
9
reference_url https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
reference_id apsa15-04.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://helpx.adobe.com/security/products/flash-player/apsa15-04.html
10
reference_url https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
reference_id apsb15-18.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://helpx.adobe.com/security/products/flash-player/apsb15-18.html
11
reference_url https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/
reference_id breaking-cfi-cve-2015-5122-coop
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://perception-point.io/2018/04/11/breaking-cfi-cve-2015-5122-coop/
12
reference_url https://perception-point.io/new/breaking-cfi.php
reference_id breaking-cfi.php
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://perception-point.io/new/breaking-cfi.php
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/37599.rb
reference_id CVE-2015-5122;OSVDB-124416
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/37599.rb
14
reference_url https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html
reference_id cve-2015-5122_-_seco.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://www.fireeye.com/blog/threat-research/2015/07/cve-2015-5122_-_seco.html
15
reference_url https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784
reference_id docDisplay?docId=emr_na-c04796784
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04796784
16
reference_url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
reference_id docDisplay?docId=emr_na-c04952467
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04952467
17
reference_url https://security.gentoo.org/glsa/201508-01
reference_id GLSA-201508-01
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url https://security.gentoo.org/glsa/201508-01
18
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html
reference_id msg00028.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00028.html
19
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html
reference_id msg00029.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00029.html
20
reference_url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html
reference_id msg00032.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00032.html
21
reference_url https://access.redhat.com/errata/RHSA-2015:1235
reference_id RHSA-2015:1235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1235
22
reference_url http://rhn.redhat.com/errata/RHSA-2015-1235.html
reference_id RHSA-2015-1235.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://rhn.redhat.com/errata/RHSA-2015-1235.html
23
reference_url http://www.us-cert.gov/ncas/alerts/TA15-195A
reference_id TA15-195A
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-17T19:49:02Z/
url http://www.us-cert.gov/ncas/alerts/TA15-195A
Weaknesses
Exploits
0
date_added null
description 
This module exploits an use after free on Adobe Flash Player. The vulnerability,
          discovered by Hacking Team and made public as part of the July 2015 data leak, was
          described as an Use After Free while handling the opaqueBackground property
          7 setter of the flash.display.DisplayObject class. This module is an early release
          tested on:

          Windows XP SP3, IE8 and Flash 18.0.0.194,
          Windows XP SP3, IE 8 and Flash 18.0.0.203,
          Windows XP SP3, Firefox and Flash 18.0.0.203,
          Windows Vista SP2 + IE 9 and Flash 18.0.0.203,
          Windows Vista SP2 + Firefox 39.0 and Flash 18.0.0.203,
          Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.203,
          Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194,
          Windows 7 SP1 (32-bit), IE9 and Adobe Flash 18.0.0.203,
          Windows 7 SP1 (32-bit), Firefox and Adobe Flash 18.0.0.194,
          Windows 8.1 (32-bit), IE11 and Adobe Flash 18.0.0.194,
          windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.203,
          Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.160 and
          Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.194
          Windows 10 Build 10240 (32-bit) IE11, Firefox 39.0 and Adobe Flash 18.0.0.203
required_action null
due_date null
notes 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
known_ransomware_campaign_use false
source_date_published 2015-07-06
exploit_type null
platform Windows
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/adobe_flash_opaque_background_uaf.rb
1
date_added 2022-04-13
description Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service (DoS).
required_action The impacted product is end-of-life and should be disconnected if still in use.
due_date 2022-05-04
notes https://nvd.nist.gov/vuln/detail/CVE-2015-5122
known_ransomware_campaign_use false
source_date_published null
exploit_type null
platform null
source_date_updated null
data_source KEV
source_url null
2
date_added 2015-07-13
description Adobe Flash - opaqueBackground Use-After-Free (Metasploit)
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2015-07-13
exploit_type remote
platform windows
source_date_updated 2015-07-24
data_source Exploit-DB
source_url
Severity_range_score7.8 - 7.8
Exploitability2.0
Weighted_severity7.0
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-5qe5-pke2-sbc7