Skip to main content
CVE-2015-7653 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Adobe RCE Microsoft Flash Player Air +2
NVD
CVSS 2.0
9.3
EPSS
4.4%
CVE-2015-7651 CRITICAL PATCH Act Now

Use-after-free vulnerability in Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Adobe RCE Microsoft Air Flash Player +2
NVD
CVSS 2.0
9.3
EPSS
4.4%
CVE-2015-6099 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.6% and no vendor patch available.

XSS Microsoft Net Framework
NVD
CVSS 2.0
4.3
EPSS
28.6%
CVE-2015-6096 MEDIUM This Month

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.9% and no vendor patch available.

XXE Information Disclosure Microsoft Net Framework
NVD
CVSS 2.0
4.3
EPSS
27.9%
CVE-2015-7662 HIGH PATCH This Week

Adobe Flash Player before 18.0.0.261 and 19.x before 19.0.0.245 on Windows and OS X and before 11.2.202.548 on Linux, Adobe AIR before 19.0.0.241, Adobe AIR SDK before 19.0.0.241, and Adobe AIR SDK &. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Adobe Privilege Escalation Microsoft Flash Player Air +2
NVD
CVSS 2.0
7.8
EPSS
1.8%
CVE-2015-1302 HIGH This Week

The PDF viewer in Google Chrome before 46.0.2490.86 does not properly restrict scripting messages and API exposure, which allows remote attackers to bypass the Same Origin Policy via an unintended. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Authentication Bypass Chrome
NVD
CVSS 2.0
7.5
EPSS
1.2%
CVE-2015-2478 HIGH PATCH This Week

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
2.2%
CVE-2015-6115 MEDIUM This Month

Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka ".NET ASLR Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9% and no vendor patch available.

Information Disclosure Microsoft Net Framework
NVD
CVSS 2.0
4.3
EPSS
14.9%
CVE-2015-6112 MEDIUM PATCH This Month

SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
5.8
EPSS
6.7%
CVE-2015-6061 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1, Lync 2010 Attendee, and Lync Room System allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.2% and no vendor patch available.

XSS Information Disclosure Microsoft Lync Lync Room System +1
NVD
CVSS 2.0
4.3
EPSS
14.2%
CVE-2015-6111 MEDIUM PATCH This Month

IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-6102 LOW POC PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
2.1
EPSS
3.8%
CVE-2015-6123 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac 2011 and Excel 2016 for Mac allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message that is. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.4% and no vendor patch available.

XSS Microsoft Excel For Mac
NVD
CVSS 2.0
4.3
EPSS
10.4%
CVE-2015-6088 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
9.4%
CVE-2015-6095 MEDIUM PATCH This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 +4
NVD
CVSS 2.0
4.9
EPSS
4.5%
CVE-2015-6109 LOW PATCH Monitor

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD
CVSS 2.0
2.1
EPSS
2.1%
CVE-2015-6113 LOW PATCH Monitor

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 Windows 7 Windows 8 +6
NVD
CVSS 2.0
2.1
EPSS
0.3%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy