Skip to main content
CVE-2015-2482 CRITICAL POC THREAT Emergency

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 64.1%.

Denial Of Service RCE Buffer Overflow Microsoft Jscript +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
64.1%
Threat
5.3
CVE-2015-6055 CRITICAL Emergency

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Jscript +1
NVD
CVSS 2.0
9.3
EPSS
44.4%
CVE-2015-7622 CRITICAL POC PATCH THREAT Act Now

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 19.7%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
19.7%
Threat
4.1
CVE-2015-2558 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 43.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Excel Excel For Mac +4
NVD
CVSS 2.0
9.3
EPSS
43.0%
CVE-2015-2555 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 43.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Excel Excel For Mac +1
NVD
CVSS 2.0
9.3
EPSS
43.0%
CVE-2015-6042 CRITICAL PATCH Act Now

Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.9%.

Memory Corruption Denial Of Service Use After Free Buffer Overflow Microsoft +2
NVD
CVSS 2.0
9.3
EPSS
42.9%
CVE-2015-2548 CRITICAL Emergency

Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.9% and no vendor patch available.

RCE Denial Of Service Microsoft Windows 7 Windows Vista
NVD
CVSS 2.0
9.3
EPSS
42.9%
CVE-2015-2515 CRITICAL PATCH Act Now

Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3%.

Memory Corruption Denial Of Service Use After Free Microsoft RCE +9
NVD
CVSS 2.0
9.3
EPSS
42.3%
CVE-2015-2557 CRITICAL Emergency

Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 34.6% and no vendor patch available.

RCE Buffer Overflow Microsoft Visio
NVD
CVSS 2.0
9.3
EPSS
34.6%
CVE-2015-6056 CRITICAL Emergency

The (1) JScript and (2) VBScript engines in Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Jscript +1
NVD
CVSS 2.0
9.3
EPSS
30.1%
CVE-2015-6050 CRITICAL Emergency

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
30.1%
CVE-2015-6048 CRITICAL PATCH Act Now

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 25.3%.

Memory Corruption Denial Of Service Buffer Overflow Microsoft RCE +1
NVD
CVSS 2.0
9.3
EPSS
25.3%
CVE-2015-6049 CRITICAL Act Now

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
24.5%
CVE-2015-2553 HIGH POC PATCH THREAT Act Now

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
13.3%
CVE-2015-7626 CRITICAL PATCH Act Now

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK &. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.2%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
11.2%
CVE-2015-7625 CRITICAL PATCH Act Now

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK &. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 11.2%.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
11.2%
CVE-2015-2554 HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
3.5%
CVE-2015-2552 HIGH POC PATCH This Week

The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2015-5569 CRITICAL PATCH Act Now

Adobe Flash Player before 18.0.0.252 and 19.x before 19.0.0.207 on Windows and OS X and before 11.2.202.535 on Linux, Adobe AIR before 19.0.0.213, Adobe AIR SDK before 19.0.0.213, and Adobe AIR SDK &. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Adobe Information Disclosure Microsoft Flash Player Air +2
NVD
CVSS 2.0
10.0
EPSS
6.0%
CVE-2015-6683 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
2.9%
CVE-2015-6691 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2015-6687 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2015-5586 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
2.5%
CVE-2015-6684 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
10.0
EPSS
2.3%
CVE-2015-2556 MEDIUM This Month

The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs, which allows remote attackers to read arbitrary files via an XML document containing an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 29.6% and no vendor patch available.

XXE Information Disclosure Microsoft Sharepoint Server
NVD
CVSS 2.0
4.3
EPSS
29.6%
CVE-2015-6053 MEDIUM This Month

Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka "Internet Explorer Information. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.2% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
5.0
EPSS
23.2%
CVE-2015-6044 MEDIUM This Month

Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 14.1% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
6.8
EPSS
14.1%
CVE-2015-6047 MEDIUM This Month

The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 11.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
6.8
EPSS
11.0%
CVE-2015-6059 MEDIUM This Month

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.3% and no vendor patch available.

Information Disclosure Microsoft Jscript Vbscript Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
22.3%
CVE-2015-6057 MEDIUM This Month

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.5% and no vendor patch available.

Information Disclosure Microsoft Edge
NVD
CVSS 2.0
5.0
EPSS
18.5%
CVE-2015-6052 MEDIUM This Month

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.8% and no vendor patch available.

Information Disclosure Microsoft Jscript Vbscript Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
18.8%
CVE-2015-6046 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.5% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
18.5%
CVE-2015-7372 HIGH PATCH This Week

Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver before 3.2.2 allows remote attackers to include and execute arbitrary local files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Revive Adserver
NVD GitHub
CVSS 2.0
7.5
EPSS
2.0%
CVE-2015-6713 HIGH PATCH This Week

The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2015-7369 HIGH This Week

The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Revive Adserver
NVD
CVSS 2.0
7.5
EPSS
0.8%
CVE-2015-2550 HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
2.2%
CVE-2015-7367 HIGH This Week

Revive Adserver before 3.2.2 allows remote attackers to perform unspecified actions by leveraging an unexpired session after the user has been (1) deleted or (2) unlinked. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Revive Adserver
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2015-2549 HIGH PATCH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
1.5%
CVE-2015-6058 MEDIUM This Month

Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.7% and no vendor patch available.

XSS Microsoft Edge
NVD
CVSS 2.0
4.3
EPSS
14.7%
CVE-2015-7619 MEDIUM PATCH This Month

The ANShareFile2 method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Authentication Bypass Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.8%
CVE-2015-6697 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
1.7%
CVE-2015-6698 MEDIUM PATCH This Month

Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.5%
CVE-2015-6696 MEDIUM PATCH This Month

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.5%
CVE-2015-6690 MEDIUM PATCH This Month

Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-6689 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-6688 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7621 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7617 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7615 MEDIUM PATCH This Month

Use-after-free vulnerability in a SaveAs feature in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7618 MEDIUM PATCH This Month

The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Authentication Bypass Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.1%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy