Skip to main content
CVE-2015-1671 HIGH KEV PATCH THREAT Act Now

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 85.9%.

Microsoft RCE
NVD VulDB
CVSS 3.1
7.8
EPSS
85.9%
Threat
5.6
CVE-2015-3456 HIGH POC THREAT Act Now

The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute. Rated high severity (CVSS 7.7), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 32.8%.

Denial Of Service RCE Buffer Overflow Qemu Enterprise Virtualization +3
NVD Exploit-DB
CVSS 2.0
7.7
EPSS
32.8%
Threat
4.0
CVE-2015-3055 HIGH PATCH This Week

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
7.5
EPSS
2.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy