Skip to main content
CVE-2015-0336 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 88.7%.

Adobe RCE Microsoft Flash Player
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
88.7%
Threat
6.0
CVE-2015-0339 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
9.3%
CVE-2015-0335 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
9.3%
CVE-2015-0333 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
9.3%
CVE-2015-0332 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +1
NVD
CVSS 2.0
10.0
EPSS
8.7%
CVE-2015-0653 CRITICAL Act Now

The management interface in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X7.2.4, X8 before X8.1.2, and X8.2 before X8.2.2 and Cisco TelePresence Conductor before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Authentication Bypass Expressway Software Telepresence Conductor Telepresence Video Communication Server Software
NVD
CVSS 2.0
10.0
EPSS
7.8%
CVE-2015-0342 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
5.2%
CVE-2015-0341 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
5.2%
CVE-2015-0338 CRITICAL PATCH Act Now

Integer overflow in Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
10.0
EPSS
4.0%
CVE-2015-0334 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Adobe RCE Microsoft Flash Player
NVD
CVSS 2.0
9.3
EPSS
5.0%
CVE-2015-0652 HIGH This Week

The Session Description Protocol (SDP) implementation in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway before X8.2 and Cisco TelePresence Conductor before XC2.4 allows. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Denial Of Service Expressway Software Telepresence Conductor Telepresence Video Communication Server Software
NVD
CVSS 2.0
7.8
EPSS
0.4%
CVE-2015-1782 MEDIUM This Month

The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Debian Linux Libssh2 Fedora
NVD
CVSS 2.0
6.8
EPSS
4.1%
CVE-2015-0654 HIGH This Week

Race condition in the TLS implementation in MainApp in the management interface in Cisco Intrusion Prevention System (IPS) Software before 7.3(3)E4 allows remote attackers to cause a denial of. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Race Condition Cisco Denial Of Service Intrusion Prevention System
NVD
CVSS 2.0
7.1
EPSS
0.3%
CVE-2015-2264 MEDIUM This Month

Multiple untrusted search path vulnerabilities in (1) EQATEC.Analytics.Monitor.Win32_vc100.dll and (2) EQATEC.Analytics.Monitor.Win32_vc100-x64.dll in Telerik Analytics Monitor Library before 3.2.125. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Analytics Monitor Library
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2014-6214 MEDIUM PATCH This Month

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

IBM XSS CSRF Websphere Portal
NVD
CVSS 2.0
6.8
EPSS
0.1%
CVE-2015-0340 MEDIUM PATCH This Month

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass intended file-upload restrictions. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft Flash Player
NVD
CVSS 2.0
5.0
EPSS
1.2%
CVE-2015-2091 MEDIUM This Month

The authentication hook (mgs_hook_authz) in mod-gnutls 0.5.10 and earlier does not validate client certificates when "GnuTLSClientVerify require" is set, which allows remote attackers to spoof. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mod Gnutls
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-0337 MEDIUM PATCH This Month

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows remote attackers to bypass the Same Origin Policy via. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Privilege Escalation Microsoft Flash Player
NVD
CVSS 2.0
5.0
EPSS
0.7%
CVE-2015-0133 MEDIUM PATCH This Month

IBM WebSphere Commerce 7.0 Feature Pack 4 through 8 allows remote attackers to read arbitrary files and possibly obtain administrative privileges via an XML external entity declaration in conjunction. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

IBM XXE Websphere Commerce
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2015-0177 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Websphere Portal
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0139 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote authenticated users to inject arbitrary web script or HTML via a. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Websphere Portal
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0123 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Team Concert
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0122 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Team Concert
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-0129 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 4.x before 4.0.7 iFix3 and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Quality Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2014-6144 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager (RQM) 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Rational Quality Manager
NVD
CVSS 2.0
3.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy