The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 13.3%.
The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.
The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.
Directory traversal vulnerability in delivery-dev/al.php in Revive Adserver before 3.2.2 allows remote attackers to include and execute arbitrary local files via a .. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
The Function call implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.
The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not restrict access cross domain access, which allows remote attackers to conduct cross domain attacks via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.
Revive Adserver before 3.2.2 allows remote attackers to perform unspecified actions by leveraging an unexpired session after the user has been (1) deleted or (2) unlinked. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.