Skip to main content
CVE-2015-6144 MEDIUM This Month

Microsoft Internet Explorer 8 through 11 and Microsoft Edge mishandle HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 21.3% and no vendor patch available.

XSS Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
21.3%
CVE-2015-6138 MEDIUM This Month

Microsoft Internet Explorer 8 through 11 mishandles HTML attributes in HTTP responses, which allows remote attackers to bypass a cross-site scripting (XSS) protection mechanism via unspecified. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 19.8% and no vendor patch available.

XSS Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
19.8%
CVE-2015-6165 MEDIUM This Month

Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 17.5% and no vendor patch available.

Information Disclosure Microsoft Silverlight
NVD
CVSS 2.0
4.3
EPSS
17.5%
CVE-2015-6114 MEDIUM This Month

Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 17.5% and no vendor patch available.

Information Disclosure Microsoft Silverlight
NVD
CVSS 2.0
4.3
EPSS
17.5%
CVE-2015-6126 HIGH PATCH This Week

Race condition in the Pragmatic General Multicast (PGM) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Race Condition Denial Of Service Microsoft Windows 10 Windows 7 +7
NVD
CVSS 2.0
7.2
EPSS
0.6%
CVE-2015-6135 MEDIUM This Month

The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Jscript Vbscript
NVD
CVSS 2.0
5.0
EPSS
8.5%
CVE-2015-6169 MEDIUM This Month

Microsoft Edge misparses HTTP responses, which allows remote attackers to redirect users to arbitrary web sites via unspecified vectors, aka "Microsoft Edge Spoofing Vulnerability.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.8% and no vendor patch available.

Information Disclosure Microsoft Edge
NVD
CVSS 2.0
4.3
EPSS
10.8%
CVE-2015-6161 MEDIUM This Month

Microsoft Internet Explorer 7 through 11 and Microsoft Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Browser ASLR Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
10.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy