Skip to main content
CVE-2016-0189 HIGH POC KEV PATCH THREAT Act Now

The Microsoft (1) JScript 5.8 and (2) VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft
NVD Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
90.8%
Threat
7.2
CVE-2016-0185 HIGH POC KEV PATCH THREAT Act Now

Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka "Windows Media. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Microsoft RCE
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
82.8%
Threat
7.0
CVE-2016-0170 HIGH POC THREAT Act Now

GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 79.9%.

Microsoft RCE Authentication Bypass Windows 10 Windows 7 +5
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
79.9%
Threat
5.7
CVE-2016-4108 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 65.6%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
65.6%
Threat
5.0
CVE-2016-1106 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 57.6%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
57.6%
Threat
4.7
CVE-2016-1105 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
53.1%
Threat
4.6
CVE-2016-1103 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
53.1%
Threat
4.6
CVE-2016-1101 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 53.1%.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
53.1%
Threat
4.6
CVE-2016-1104 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.7%
Threat
4.2
CVE-2016-1102 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.7%
Threat
4.2
CVE-2016-1096 HIGH POC THREAT Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 39.7%.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
39.7%
Threat
4.2
CVE-2016-0183 HIGH Act Now

The Windows font library in Microsoft Office 2010 SP2, Word 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allows remote attackers to execute arbitrary. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 40.4% and no vendor patch available.

Microsoft RCE Authentication Bypass Office Office Web Apps +2
NVD
CVSS 3.0
8.8
EPSS
40.4%
CVE-2016-0182 HIGH Act Now

Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal (aka. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 42.9% and no vendor patch available.

Microsoft RCE Buffer Overflow Authentication Bypass Windows 10 +4
NVD
CVSS 3.0
7.8
EPSS
42.9%
CVE-2016-0188 HIGH Act Now

The User Mode Code Integrity (UMCI) implementation in Device Guard in Microsoft Internet Explorer 11 allows remote attackers to bypass a code-signing protection mechanism via unspecified vectors, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 32.7% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
CVSS 3.0
8.8
EPSS
32.7%
CVE-2016-0140 HIGH Act Now

Microsoft Office 2007 SP3, Office 2010 SP2, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 36.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Office Office Web Apps +1
NVD
CVSS 3.0
7.8
EPSS
36.0%
CVE-2016-0195 HIGH Act Now

The Imaging Component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 26.4% and no vendor patch available.

RCE Buffer Overflow Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
8.8
EPSS
26.4%
CVE-2016-0178 HIGH Act Now

The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 26.2% and no vendor patch available.

RCE Privilege Escalation Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
8.8
EPSS
26.2%
CVE-2016-0126 HIGH Act Now

Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 30.0% and no vendor patch available.

RCE Buffer Overflow Microsoft Office
NVD
CVSS 3.0
7.8
EPSS
30.0%
CVE-2016-0192 HIGH Act Now

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 29.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Edge +1
NVD
CVSS 3.0
7.5
EPSS
29.9%
CVE-2016-0184 HIGH Act Now

Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 22.3% and no vendor patch available.

RCE Denial Of Service Microsoft Windows 10 Windows 7 +5
NVD
CVSS 3.0
8.8
EPSS
22.3%
CVE-2016-0198 HIGH Act Now

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, and Word Viewer allow remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 24.1% and no vendor patch available.

RCE Buffer Overflow Microsoft Office Office Compatibility Pack +3
NVD
CVSS 3.0
7.8
EPSS
24.1%
CVE-2016-0171 HIGH POC This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.9%
CVE-2016-0173 HIGH POC This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.8%
CVE-2016-0186 HIGH PATCH Act Now

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 21.8%.

Denial Of Service RCE Buffer Overflow Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
21.8%
CVE-2016-0179 HIGH Act Now

Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 19.2% and no vendor patch available.

Microsoft RCE Authentication Bypass Windows 10 Windows 8 1 +2
NVD
CVSS 3.0
7.8
EPSS
19.2%
CVE-2016-0187 HIGH Act Now

The Microsoft (1) JScript 5.8 and (2) VBScript 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Jscript +1
NVD
CVSS 3.0
7.5
EPSS
20.5%
CVE-2016-0193 HIGH PATCH Act Now

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 18.3%.

Denial Of Service RCE Buffer Overflow Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
18.3%
CVE-2016-0191 HIGH PATCH Act Now

The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 18.3%.

Denial Of Service RCE Buffer Overflow Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
18.3%
CVE-2016-1100 HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
15.5%
CVE-2016-1099 HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
15.5%
CVE-2016-1098 HIGH Act Now

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 15.5% and no vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
15.5%
CVE-2016-4110 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1110 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1109 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1108 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1107 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-1097 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
7.0%
CVE-2016-3710 HIGH PATCH This Week

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Buffer Overflow Debian Linux Helion Openstack Ubuntu Linux +12
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2016-0152 HIGH This Week

Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Microsoft Windows Server 2008 Windows Vista
NVD
CVSS 3.0
7.8
EPSS
5.0%
CVE-2016-4115 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4114 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4113 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4112 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4111 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Edge Internet Explorer +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4109 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.5%
CVE-2016-4116 HIGH This Week

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Information Disclosure Microsoft Flash Player Edge +1
NVD
CVSS 3.0
7.5
EPSS
6.1%
CVE-2016-0174 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
2.3%
CVE-2016-0196 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2016-0197 HIGH This Week

dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2016-0180 HIGH This Week

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
1.5%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy