Skip to main content
CVE-2015-1641 HIGH KEV PATCH THREAT Act Now

Microsoft Word 2007 through 2013 and SharePoint components contain a memory corruption vulnerability in RTF processing that allows remote code execution, heavily exploited by multiple APT groups throughout 2015-2017.

Buffer Overflow Microsoft RCE Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
93.6%
Threat
7.9
CVE-2014-9145 HIGH POC This Week

Multiple SQL injection vulnerabilities in Fiyo CMS 2.0.1.8 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an edit action to dapur/index.php; (2) cat, (3) user,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Fiyo Cms
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.0%
CVE-2015-1644 HIGH PATCH This Week

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.8%
CVE-2015-1643 HIGH PATCH This Week

Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +6
NVD
CVSS 2.0
7.2
EPSS
2.3%
CVE-2014-8360 HIGH This Week

Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .._ (dot dot underscore) in an item. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal PHP Glpi
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2015-0098 HIGH This Week

Task Scheduler in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges by triggering application execution by an invalid task, aka "Task Scheduler Elevation of. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows Server 2008
NVD
CVSS 2.0
7.2
EPSS
0.8%
CVE-2015-2831 HIGH This Week

Buffer overflow in das_watchdog 0.9.0 allows local users to execute arbitrary code with root privileges via a large string in the XAUTHORITY environment variable. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Das Watchdog
NVD GitHub
CVSS 2.0
7.2
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy