Skip to main content
CVE-2015-6086 MEDIUM POC THREAT This Month

Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 57.8%.

Information Disclosure Microsoft Internet Explorer
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
57.8%
Threat
4.1
CVE-2015-6101 MEDIUM POC PATCH THREAT This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 23.1%.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
23.1%
CVE-2015-6100 MEDIUM POC PATCH This Month

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 6.9). Public exploit code available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 +6
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
5.8%
CVE-2015-6099 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in ASP.NET in Microsoft .NET Framework 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to inject arbitrary web script or HTML via a crafted value, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 28.6% and no vendor patch available.

XSS Microsoft Net Framework
NVD
CVSS 2.0
4.3
EPSS
28.6%
CVE-2015-6096 MEDIUM This Month

The XML DTD parser in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to read arbitrary files via an external entity declaration in conjunction. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.9% and no vendor patch available.

XXE Information Disclosure Microsoft Net Framework
NVD
CVSS 2.0
4.3
EPSS
27.9%
CVE-2015-6115 MEDIUM This Month

Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka ".NET ASLR Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.9% and no vendor patch available.

Information Disclosure Microsoft Net Framework
NVD
CVSS 2.0
4.3
EPSS
14.9%
CVE-2015-6112 MEDIUM PATCH This Month

SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable.

Information Disclosure Microsoft Windows 7 Windows 8 Windows 8 1 +5
NVD
CVSS 2.0
5.8
EPSS
6.7%
CVE-2015-6061 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1, Lync 2010 Attendee, and Lync Room System allows remote attackers to inject arbitrary web script. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.2% and no vendor patch available.

XSS Information Disclosure Microsoft Lync Lync Room System +1
NVD
CVSS 2.0
4.3
EPSS
14.2%
CVE-2015-6111 MEDIUM PATCH This Month

IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 8 Windows 8 1 +3
NVD
CVSS 2.0
6.8
EPSS
1.1%
CVE-2015-6123 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac 2011 and Excel 2016 for Mac allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message that is. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.4% and no vendor patch available.

XSS Microsoft Excel For Mac
NVD
CVSS 2.0
4.3
EPSS
10.4%
CVE-2015-6088 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Edge Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
9.4%
CVE-2015-6095 MEDIUM PATCH This Month

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 +4
NVD
CVSS 2.0
4.9
EPSS
4.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy