Skip to main content
CVE-2015-0089 MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.3%.

Adobe Information Disclosure Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
5.0
EPSS
27.3%
CVE-2015-2182 MEDIUM POC THREAT This Month

Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.7%.

XSS PHP Zeuscart
NVD Exploit-DB GitHub
CVSS 2.0
4.3
EPSS
10.7%
CVE-2015-0087 MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.0%.

Adobe Information Disclosure Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
5.0
EPSS
27.0%
CVE-2015-1067 MEDIUM POC This Month

Secure Transport in Apple iOS before 8.2, Apple OS X through 10.10.2, and Apple TV before 7.1 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Apple Information Disclosure Mac Os X Tvos Iphone Os
NVD
CVSS 2.0
4.3
EPSS
4.8%
CVE-2015-0005 MEDIUM POC This Month

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to. Rated medium severity (CVSS 4.3). Public exploit code available and no vendor patch available.

Information Disclosure Microsoft Windows 2003 Server Windows Server 2008 Windows Server 2012
NVD
CVSS 2.0
4.3
EPSS
2.4%
CVE-2015-1026 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in ZOHO ManageEngine ADManager Plus before 6.2 Build 6270 allow remote attackers to inject arbitrary web script or HTML via the (1). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Zoho XSS Manageengine Admanager Plus
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2015-0074 MEDIUM PATCH This Month

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.6%.

Denial Of Service Adobe Buffer Overflow Microsoft Windows 7 +8
NVD
CVSS 2.0
4.3
EPSS
14.6%
CVE-2015-1631 MEDIUM This Month

Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof meeting organizers via unspecified vectors, aka "Exchange Forged Meeting Request Spoofing Vulnerability.". Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Exchange Server
NVD
CVSS 2.0
5.0
EPSS
8.6%
CVE-2015-1627 MEDIUM This Month

Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
8.4%
CVE-2015-0080 MEDIUM PATCH This Month

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
4.3
EPSS
8.1%
CVE-2015-0076 MEDIUM PATCH This Month

The photo-decoder implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
4.3
EPSS
7.6%
CVE-2015-0095 MEDIUM PATCH This Month

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and. Rated medium severity (CVSS 5.6), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Denial Of Service Null Pointer Dereference Microsoft Windows 7 Windows 8 +7
NVD
CVSS 2.0
5.6
EPSS
0.6%
CVE-2015-1630 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Exchange Server
NVD
CVSS 2.0
4.3
EPSS
6.9%
CVE-2015-1629 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Exchange Server
NVD
CVSS 2.0
4.3
EPSS
6.9%
CVE-2015-1628 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Exchange Server
NVD
CVSS 2.0
4.3
EPSS
6.9%
CVE-2015-1632 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in errorfe.aspx in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

XSS Microsoft Exchange Server
NVD
CVSS 2.0
4.3
EPSS
6.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy