Skip to main content
CVE-2015-1172 HIGH POC THREAT Act Now

Unrestricted file upload vulnerability in admin/upload-file.php in the Holding Pattern theme (aka holding_pattern) 0.6 and earlier for WordPress allows remote attackers to execute arbitrary PHP code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 81.2%.

WordPress PHP File Upload Holding Pattern
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
81.2%
Threat
5.4
CVE-2015-0057 HIGH POC PATCH THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 68.4%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
68.4%
Threat
5.0
CVE-2015-0008 HIGH POC PATCH This Week

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. Public exploit code available.

Microsoft RCE Authentication Bypass Windows 7 Windows 8 +7
NVD Exploit-DB
CVSS 2.0
8.3
EPSS
9.0%
CVE-2015-0058 HIGH POC PATCH This Week

Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 8 1 Windows Rt 8 1 Windows Server 2012
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
7.7%
CVE-2015-1518 HIGH POC This Week

SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Redaxscript
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
2.5%
CVE-2015-1576 HIGH POC This Week

Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi U5Cms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-0062 HIGH PATCH This Week

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD
CVSS 2.0
7.2
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy