Skip to main content
CVE-2015-0318 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 89.2%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
89.2%
Threat
6.2
CVE-2014-9636 MEDIUM PATCH This Month

unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 58.4%.

Denial Of Service Buffer Overflow Unzip Ubuntu Linux Debian Linux +1
NVD
CVSS 2.0
5.0
EPSS
58.4%
CVE-2015-0329 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
11.4%
CVE-2015-0321 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
11.4%
CVE-2015-0316 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
11.4%
CVE-2015-0314 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
11.4%
CVE-2014-0603 CRITICAL Act Now

The rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to cause a denial of service (memory corruption) and execute arbitrary code via vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Code Injection Reflection Ftp Client
NVD
CVSS 2.0
10.0
EPSS
11.4%
CVE-2015-0330 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.7%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
10.7%
CVE-2015-1467 HIGH POC This Week

Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Fork Cms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.3%
CVE-2015-0319 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
8.8%
CVE-2015-0317 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code by leveraging an. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
8.8%
CVE-2015-0326 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Denial Of Service Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
8.7%
CVE-2015-0325 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Denial Of Service Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
8.7%
CVE-2015-1442 HIGH POC This Week

SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Zerocms
NVD
CVSS 2.0
7.5
EPSS
1.0%
CVE-2014-0604 CRITICAL Act Now

Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Reflection Ftp Client
NVD
CVSS 2.0
10.0
EPSS
8.2%
CVE-2015-0327 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Buffer Overflow RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
7.9%
CVE-2015-0324 CRITICAL PATCH Act Now

Buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Buffer Overflow RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
7.9%
CVE-2015-0323 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Buffer Overflow RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
7.9%
CVE-2015-1514 HIGH POC This Week

Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Famoc
NVD
CVSS 2.0
7.5
EPSS
0.4%
CVE-2014-9632 HIGH POC This Week

The TDI driver (avgtdix.sys) in AVG Internet Security before 2013.3495 Hot Fix 18 and 2015.x before 2015.5315 and Protection before 2015.5315 allows local users to write to arbitrary memory. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Protection Internet Security
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.8%
CVE-2014-9642 HIGH POC This Week

bdagent.sys in BullGuard Antivirus, Internet Security, Premium Protection, and Online Backup before 15.0.288 allows local users to write data to arbitrary memory locations, and consequently gain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Bdagent Sys Internet Security Online Backup Premium Protection
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
1.1%
CVE-2014-0605 CRITICAL Act Now

Directory traversal vulnerability in the rftpcom.dll ActiveX control in Attachmate Reflection FTP Client before 14.1.429 allows remote attackers to execute arbitrary code via unspecified vectors to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal RCE Reflection Ftp Client
NVD
CVSS 2.0
10.0
EPSS
6.9%
CVE-2015-0322 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
6.8%
CVE-2014-9643 HIGH POC This Week

K7Sentry.sys in K7 Computing Ultimate Security, Anti-Virus Plus, and Total Security before 14.2.0.253 allows local users to write to arbitrary memory locations, and consequently gain privileges, via. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation K7Sentry Sys Anti Virus Plus Total Security Ultimate Security
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.7%
CVE-2015-0328 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Denial Of Service Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
6.6%
CVE-2014-9641 HIGH POC This Week

The tmeext.sys driver before 2.0.0.1015 in Trend Micro Antivirus Plus, Internet Security, and Maximum Security allows local users to write to arbitrary memory locations, and consequently gain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Privilege Escalation Tmeext Sys
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.5%
CVE-2015-1305 MEDIUM POC This Month

McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a crafted (1) 0x00224014 or (2) 0x0022c018. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Privilege Escalation Data Loss Prevention Endpoint
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
0.5%
CVE-2014-5332 MEDIUM POC This Month

Race condition in NVMap in NVIDIA Tegra Linux Kernel 3.10 allows local users to gain privileges via a crafted NVMAP_IOC_CREATE IOCTL call, which triggers a use-after-free error, as demonstrated by. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Race Condition Information Disclosure Nvidia Google Linux +2
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2015-0320 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
3.9%
CVE-2015-0315 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
3.9%
CVE-2014-9353 CRITICAL Act Now

NetApp OnCommand Balance before 4.2P2 contains a "default privileged account," which allows remote attackers to gain privileges via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Oncommand Balance
NVD
CVSS 2.0
10.0
EPSS
1.3%
CVE-2015-1512 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in FancyFon FAMOC before 3.17.4 allow remote attackers to inject arbitrary web script or HTML via the (1) LoginForm[username] to ui/system/login or. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP Famoc
NVD
CVSS 2.0
4.3
EPSS
0.3%
CVE-2015-1209 HIGH This Week

Use-after-free vulnerability in the VisibleSelection::nonBoundaryShadowTreeRootNode function in core/editing/VisibleSelection.cpp in the DOM implementation in Blink, as used in Google Chrome before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Google Microsoft +8
NVD
CVSS 2.0
7.5
EPSS
1.4%
CVE-2015-1212 HIGH This Week

Multiple unspecified vulnerabilities in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before 40.0.2214.109 on Android allow attackers to cause a denial of service or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Microsoft Chrome Ubuntu Linux +6
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-1211 HIGH This Week

The OriginCanAccessServiceWorkers function in content/browser/service_worker/service_worker_dispatcher_host.cc in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and before. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Information Disclosure Microsoft Chrome Ubuntu Linux +6
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-1513 HIGH This Week

SQL injection vulnerability in SIPhone Enterprise PBX allows remote attackers to execute arbitrary SQL commands via the Username. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Siphone Enterprise Pbx
NVD
CVSS 2.0
7.5
EPSS
0.3%
CVE-2015-1210 MEDIUM This Month

The V8ThrowException::createDOMException function in bindings/core/v8/V8ThrowException.cpp in the V8 bindings in Blink, as used in Google Chrome before 40.0.2214.111 on Windows, OS X, and Linux and. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Google Microsoft Chrome Ubuntu Linux +6
NVD
CVSS 2.0
5.0
EPSS
0.6%
CVE-2015-1444 MEDIUM This Month

Multiple cross-site scripting (XSS) vulnerabilities in the web administration frontend in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 allow remote attackers to inject arbitrary. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Fli4L
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-9354 MEDIUM This Month

NetApp OnCommand Balance before 4.2P3 allows local users to obtain sensitive information via unspecified vectors related to cleartext storage. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Oncommand Balance
NVD
CVSS 2.0
4.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy