Skip to main content
CVE-2014-6362 MEDIUM This Month

Use-after-free vulnerability in Microsoft Office 2007 SP3, 2010 SP2, and 2013 Gold and SP1 allows remote attackers to bypass the ASLR protection mechanism via a crafted document, aka "Microsoft. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 32.3% and no vendor patch available.

Denial Of Service Microsoft Office
NVD
CVSS 2.0
4.3
EPSS
32.3%
CVE-2015-1578 MEDIUM POC This Month

Multiple open redirect vulnerabilities in u5CMS before 3.9.4 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) pidvesa cookie to. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP Open Redirect U5Cms
NVD Exploit-DB
CVSS 2.0
5.8
EPSS
4.5%
CVE-2015-0060 MEDIUM POC PATCH This Month

The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated medium severity (CVSS 4.7). Public exploit code available.

Denial Of Service Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
4.7
EPSS
2.5%
CVE-2015-1575 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in u5CMS before 3.9.4 allow remote attackers to inject arbitrary web script or HTML via the (1) c, (2) i, (3) l, or (4) p parameter to index.php;. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS PHP U5Cms
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
4.3%
CVE-2015-0069 MEDIUM This Month

Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.4% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
23.4%
CVE-2015-0051 MEDIUM This Month

Microsoft Internet Explorer 8 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 23.4% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
23.4%
CVE-2015-0070 MEDIUM This Month

Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.3% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
22.3%
CVE-2015-0061 MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.1%.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.3
EPSS
22.1%
CVE-2015-1582 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in the Spider Facebook plugin before 1.0.11 for WordPress allow (1) remote attackers to inject arbitrary web script or HTML via the appid parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS WordPress PHP Spider Facebook
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2015-0009 LOW POC PATCH Monitor

The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
3.3
EPSS
4.1%
CVE-2015-0012 MEDIUM PATCH This Month

Microsoft System Center Virtual Machine Manager (VMM) 2012 R2 Update Rollup 4 does not properly validate the roles of users, which allows local users to obtain server and virtual-machine. Rated medium severity (CVSS 6.9).

Privilege Escalation Microsoft Virtual Machine Manager
NVD
CVSS 2.0
6.9
EPSS
3.9%
CVE-2015-0062 HIGH PATCH This Week

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD
CVSS 2.0
7.2
EPSS
1.4%
CVE-2015-0010 LOW POC PATCH Monitor

The CryptProtectMemory function in cng.sys (aka the Cryptography Next Generation driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2. Rated low severity (CVSS 1.9). Public exploit code available.

Authentication Bypass Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
1.9
EPSS
1.7%
CVE-2015-0055 MEDIUM This Month

Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
7.9%
CVE-2015-0054 MEDIUM This Month

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
7.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy