Skip to main content
CVE-2015-2419 HIGH POC KEV PATCH THREAT Act Now

JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "JScript9 Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft
NVD Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
69.4%
Threat
6.8
CVE-2015-2424 HIGH KEV PATCH THREAT Act Now

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 76.5%.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft
NVD VulDB
CVSS 3.1
8.8
EPSS
76.5%
Threat
5.6
CVE-2015-2387 HIGH KEV PATCH THREAT Act Now

The Adobe Type Manager Font Driver (ATMFD.DLL) in Windows contains a memory corruption vulnerability that allows local privilege escalation, exploited by the Duqu 2.0 malware in targeted attacks against diplomatic entities.

Adobe Buffer Overflow Microsoft Memory Corruption
NVD VulDB
CVSS 3.1
7.8
EPSS
31.2%
Threat
6.0
CVE-2015-2425 HIGH KEV PATCH THREAT Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 34.1%.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft
NVD VulDB
CVSS 3.1
8.8
EPSS
34.1%
Threat
4.3
CVE-2015-2366 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +4
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.9%
CVE-2015-2365 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.9%.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.9%
CVE-2015-3258 HIGH Act Now

Heap-based buffer overflow in the WriteProlog function in filter/texttopdf.c in texttopdf in cups-filters before 1.0.70 allows remote attackers to cause a denial of service (crash) or possibly. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 37.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Ubuntu Linux Debian Linux +1
NVD
CVSS 2.0
7.5
EPSS
37.1%
CVE-2015-3279 HIGH Act Now

Integer overflow in filter/texttopdf.c in texttopdf in cups-filters before 1.0.71 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted line. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 34.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Cups Filters Ubuntu Linux +1
NVD
CVSS 2.0
7.5
EPSS
34.5%
CVE-2015-2370 HIGH POC This Week

The authentication implementation in the RPC subsystem in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
9.7%
CVE-2015-1560 HIGH POC This Week

SQL injection vulnerability in the isUserAdmin function in include/common/common-Func.php in Centreon (formerly Merethis Centreon) 2.5.4 and earlier (fixed in Centreon web 2.7.0) allows remote. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Centreon
NVD GitHub Exploit-DB
CVSS 2.0
7.5
EPSS
3.0%
CVE-2015-5143 HIGH PATCH Act Now

The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 15.8%.

Denial Of Service Python Django Debian Linux Solaris +1
NVD
CVSS 2.0
7.8
EPSS
15.8%
CVE-2015-1763 HIGH Act Now

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not prevent use of uninitialized memory in certain attempts to execute virtual functions, which allows. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. Epss exploitation probability 10.7% and no vendor patch available.

Microsoft RCE Authentication Bypass Sql Server
NVD
CVSS 2.0
8.5
EPSS
10.7%
CVE-2015-5145 HIGH PATCH This Week

validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Python Django
NVD
CVSS 2.0
7.8
EPSS
0.8%
CVE-2015-5147 HIGH PATCH This Week

Stack-based buffer overflow in the header_anchor function in the HTML renderer in Redcarpet before 3.3.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Buffer Overflow Redcarpet
NVD GitHub
CVSS 2.0
7.5
EPSS
1.2%
CVE-2015-1762 HIGH This Week

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when transactional replication is configured, does not prevent use of uninitialized memory in unspecified. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

RCE Microsoft Sql Server
NVD
CVSS 2.0
7.1
EPSS
2.2%
CVE-2015-5358 HIGH This Week

Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R7, 13.2X51 before 13.2X51-D35,. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.1
EPSS
1.9%
CVE-2015-2364 HIGH This Week

The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-2363 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2015-2362 HIGH This Week

Hyper-V in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly initialize guest OS system data structures, which allows guest. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

RCE Microsoft Windows 8 Windows 8 1 Windows Server 2008 +1
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2015-2361 HIGH This Week

Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 does not properly initialize guest OS system data structures, which allows guest OS users to execute arbitrary code on the host OS or cause. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Windows 8 1 +1
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2015-3007 HIGH This Week

The Juniper SRX Series services gateways with Junos OS 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, and 12.3X48 before 12.3X48-D15 do not properly implement the "set system ports console. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2015-5359 HIGH This Week

Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R7, 13.3 before 13.3R5, 14.1R3. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

Juniper Denial Of Service Junos
NVD
CVSS 2.0
7.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy