Skip to main content
CVE-2015-2556 MEDIUM This Month

The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs, which allows remote attackers to read arbitrary files via an XML document containing an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 29.6% and no vendor patch available.

XXE Information Disclosure Microsoft Sharepoint Server
NVD
CVSS 2.0
4.3
EPSS
29.6%
CVE-2015-6053 MEDIUM This Month

Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via crafted parameters in an ArrayBuffer.slice call, aka "Internet Explorer Information. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.2% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
5.0
EPSS
23.2%
CVE-2015-6044 MEDIUM This Month

Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 14.1% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
6.8
EPSS
14.1%
CVE-2015-6047 MEDIUM This Month

The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 11.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
6.8
EPSS
11.0%
CVE-2015-6059 MEDIUM This Month

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.3% and no vendor patch available.

Information Disclosure Microsoft Jscript Vbscript Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
22.3%
CVE-2015-6057 MEDIUM This Month

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability.". Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.5% and no vendor patch available.

Information Disclosure Microsoft Edge
NVD
CVSS 2.0
5.0
EPSS
18.5%
CVE-2015-6052 MEDIUM This Month

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.8% and no vendor patch available.

Information Disclosure Microsoft Jscript Vbscript Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
18.8%
CVE-2015-6046 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.5% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
18.5%
CVE-2015-6058 MEDIUM This Month

Microsoft Edge mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified vectors, aka "Microsoft Edge XSS. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.7% and no vendor patch available.

XSS Microsoft Edge
NVD
CVSS 2.0
4.3
EPSS
14.7%
CVE-2015-7619 MEDIUM PATCH This Month

The ANShareFile2 method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Authentication Bypass Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.8%
CVE-2015-6697 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Adobe Information Disclosure Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
1.7%
CVE-2015-6698 MEDIUM PATCH This Month

Heap-based buffer overflow in the AcroForm implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.5%
CVE-2015-6696 MEDIUM PATCH This Month

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.5%
CVE-2015-6690 MEDIUM PATCH This Month

Use-after-free vulnerability in the popUpMenuEx method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-6689 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-6688 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7621 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7617 MEDIUM PATCH This Month

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7615 MEDIUM PATCH This Month

Use-after-free vulnerability in a SaveAs feature in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption RCE Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.3%
CVE-2015-7618 MEDIUM PATCH This Month

The CBAutoConfigCommentRepository method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Authentication Bypass Use After Free Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-7614 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
1.0%
CVE-2015-6695 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6694 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6693 MEDIUM PATCH This Month

The signatureSetSeedValue method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6686 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6685 MEDIUM PATCH This Month

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7623 MEDIUM PATCH This Month

The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7620 MEDIUM PATCH This Month

The ANSendForBrowserReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7616 MEDIUM PATCH This Month

The ANVerifyComments method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6725 MEDIUM PATCH This Month

The ANSendForSharedReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6724 MEDIUM PATCH This Month

The ANSendForApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6723 MEDIUM PATCH This Month

The ANTrustPropagateAll method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6722 MEDIUM PATCH This Month

The CBSharedReviewStatusDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6721 MEDIUM PATCH This Month

The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6720 MEDIUM PATCH This Month

The ANRunSharedReviewEmailStep method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6719 MEDIUM PATCH This Month

The CBSharedReviewCloseDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6718 MEDIUM PATCH This Month

The CBSharedReviewIfOfflineDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6717 MEDIUM PATCH This Month

The DynamicAnnotStore method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6716 MEDIUM PATCH This Month

The ANSendForFormDistribution method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6715 MEDIUM PATCH This Month

The Function apply implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6714 MEDIUM PATCH This Month

The Function bind implementation in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6712 MEDIUM PATCH This Month

The ANSendApprovalToAuthorEnabled method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6711 MEDIUM PATCH This Month

The DoIdentityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6710 MEDIUM PATCH This Month

The CBBBRInit method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6709 MEDIUM PATCH This Month

The CBBBRInvite method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6708 MEDIUM PATCH This Month

The ANStartApproval method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-6707 MEDIUM PATCH This Month

The ANSendForReview method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

Authentication Bypass Adobe Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 2.0
6.8
EPSS
0.8%
CVE-2015-7366 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in Revive Adserver before 3.2.2 allow remote attackers to hijack the authentication of users for requests that (1) perform certain plugin. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

CSRF PHP Denial Of Service Revive Adserver
NVD
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-7364 MEDIUM PATCH This Month

The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Revive Adserver
NVD GitHub
CVSS 2.0
6.8
EPSS
0.2%
CVE-2015-6051 MEDIUM PATCH This Month

Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
9.8%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy