Skip to main content
CVE-2015-5133 CRITICAL POC PATCH THREAT Act Now

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK &. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.5%.

Adobe Buffer Overflow RCE Microsoft Flash Player +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
71.5%
Threat
5.6
CVE-2015-5132 CRITICAL POC PATCH THREAT Act Now

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK &. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.5%.

Adobe Buffer Overflow RCE Microsoft Flash Player +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
71.5%
Threat
5.6
CVE-2015-5131 CRITICAL POC PATCH THREAT Act Now

Buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK &. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.5%.

Adobe Buffer Overflow RCE Microsoft Flash Player +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
71.5%
Threat
5.6
CVE-2015-5563 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 58.2%.

Adobe RCE Microsoft Air Air Sdk +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
58.2%
Threat
5.2
CVE-2015-5562 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 58.2%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
58.2%
Threat
5.2
CVE-2015-5560 CRITICAL POC PATCH THREAT Act Now

Integer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK &. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
53.1%
Threat
5.1
CVE-2015-5134 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 53.0%.

Adobe RCE Microsoft Flash Player Evergreen +3
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
53.0%
Threat
5.1
CVE-2015-5130 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 53.0%.

Adobe RCE Microsoft Evergreen Flash Player +3
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
53.0%
Threat
5.1
CVE-2015-5127 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 53.0%.

Adobe RCE Microsoft Flash Player Evergreen +3
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
53.0%
Threat
5.1
CVE-2015-5540 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 51.2%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
51.2%
Threat
5.0
CVE-2015-5539 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 51.2%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
51.2%
Threat
5.0
CVE-2015-5561 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5558 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5557 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5556 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Air Air Sdk +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5555 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Air Air Sdk +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5554 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5551 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5550 CRITICAL POC PATCH THREAT Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 47.0%.

Adobe RCE Microsoft Flash Player Air +2
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
47.0%
Threat
4.9
CVE-2015-5549 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
46.1%
Threat
4.9
CVE-2015-5548 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
46.1%
Threat
4.9
CVE-2015-5547 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
46.1%
Threat
4.9
CVE-2015-5546 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
46.1%
Threat
4.9
CVE-2015-5545 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
46.1%
Threat
4.9
CVE-2015-5544 CRITICAL POC PATCH THREAT Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.1%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
46.1%
Threat
4.9
CVE-2015-2444 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 25.6%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
25.6%
Threat
4.1
CVE-2014-3576 HIGH PATCH Act Now

The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.7%.

Denial Of Service Privilege Escalation Java Apache Activemq +2
NVD GitHub
CVSS 3.0
7.5
EPSS
40.7%
CVE-2015-2447 CRITICAL Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
28.8%
CVE-2015-2452 CRITICAL Act Now

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2015-2451 CRITICAL Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2015-2450 CRITICAL Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2015-2448 CRITICAL Act Now

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability.". Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2015-2446 CRITICAL Act Now

Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2015-2442 CRITICAL Act Now

Microsoft Internet Explorer 8 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer +1
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2015-2441 CRITICAL Act Now

Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2015-2443 CRITICAL Act Now

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability.". Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
16.3%
CVE-2015-5696 MEDIUM POC THREAT This Month

Dell Netvault Backup before 10.0.5 allows remote attackers to cause a denial of service (crash) via a crafted request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 16.2%.

Denial Of Service Dell Netvault Backup
NVD Exploit-DB
CVSS 2.0
5.0
EPSS
16.2%
CVE-2015-5541 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Buffer Overflow RCE Microsoft Flash Player +3
NVD
CVSS 2.0
10.0
EPSS
9.5%
CVE-2015-5565 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Air Air Sdk +2
NVD
CVSS 2.0
10.0
EPSS
4.8%
CVE-2015-5553 CRITICAL PATCH Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
4.2%
CVE-2015-5552 CRITICAL PATCH Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
4.2%
CVE-2015-5125 CRITICAL PATCH Act Now

Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Adobe Buffer Overflow Microsoft Air +4
NVD
CVSS 2.0
10.0
EPSS
4.0%
CVE-2015-5559 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player Air +2
NVD
CVSS 2.0
10.0
EPSS
3.8%
CVE-2015-5564 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe RCE Microsoft Flash Player Air +2
NVD
CVSS 2.0
10.0
EPSS
3.2%
CVE-2015-5129 CRITICAL PATCH Act Now

Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Buffer Overflow RCE Microsoft Flash Player +4
NVD
CVSS 2.0
10.0
EPSS
2.8%
CVE-2015-2449 MEDIUM This Month

Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.6% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer Edge
NVD
CVSS 2.0
4.3
EPSS
16.6%
CVE-2015-2445 MEDIUM This Month

Microsoft Internet Explorer 10 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
14.9%
CVE-2015-3235 MEDIUM This Month

Foreman before 1.9.0 allows remote authenticated users with the edit_users permission to edit administrator users and change their passwords via unspecified vectors. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Foreman
NVD
CVSS 2.0
6.0
EPSS
0.6%
CVE-2015-1819 MEDIUM PATCH This Month

The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Debian Linux Ubuntu Linux Enterprise Linux Libxml +8
NVD
CVSS 2.0
5.0
EPSS
1.9%
CVE-2015-3155 MEDIUM PATCH This Month

Foreman before 1.8.1 does not set the secure flag for the _session_id cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Foreman
NVD GitHub
CVSS 2.0
5.0
EPSS
0.6%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy