Skip to main content
CVE-2016-4195 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
8.8
EPSS
3.3%
CVE-2016-3244 MEDIUM This Month

Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Edge Security Feature Bypass.". Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 25.7% and no vendor patch available.

Microsoft Authentication Bypass Edge
NVD
CVSS 3.0
4.3
EPSS
25.7%
CVE-2016-4255 HIGH PATCH This Week

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe RCE Microsoft Acrobat Acrobat Dc +2
NVD
CVSS 3.0
8.8
EPSS
2.1%
CVE-2016-4200 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-4199 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-4198 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-4197 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-4196 HIGH PATCH This Week

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +4
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2016-4066 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Fortinet FortiWeb before 5.5.3 allows remote attackers to hijack the authentication of administrators for requests that change the password via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Fortinet Fortiweb
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-3245 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP connections to a restricted port via a crafted web site, aka "Internet Explorer Security Feature Bypass. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 10.5% and no vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
CVSS 3.0
6.5
EPSS
10.5%
CVE-2016-3100 HIGH This Week

kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Leap Opensuse Kde Frameworks
NVD
CVSS 3.0
8.4
EPSS
0.0%
CVE-2016-3239 HIGH This Week

The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2016-4974 HIGH PATCH This Week

Apache Qpid AMQP 0-x JMS client before 6.0.4 and JMS (AMQP 1.0) before 0.10.0 does not restrict the use of classes available on the classpath, which might allow remote authenticated users with. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable.

RCE Apache Amqp 0 X Jms Client Jms Client Amqp
NVD
CVSS 3.0
7.5
EPSS
2.1%
CVE-2016-3254 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2016-3252 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.3
EPSS
2.7%
CVE-2016-3250 HIGH This Week

The kernel-mode drivers in Microsoft Windows Server 2012 and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability.". Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows Server 2012
NVD
CVSS 3.0
7.3
EPSS
2.6%
CVE-2016-4216 HIGH PATCH This Week

XMPCore in Adobe XMP Toolkit for Java before 5.1.3 allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe XXE Java Xmp Toolkit
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2016-3286 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2016-3249 HIGH This Week

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
7.3
EPSS
1.2%
CVE-2016-3256 MEDIUM This Month

Microsoft Windows 10 Gold and 1511 allows local users to bypass the Secure Kernel Mode protection mechanism and obtain sensitive information via a crafted application, aka "Windows Secure Kernel Mode. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 10
NVD
CVSS 3.0
5.0
EPSS
4.7%
CVE-2015-8808 MEDIUM This Month

The DecodeImage function in coders/gif.c in GraphicsMagick 1.3.18 allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted GIF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Graphicsmagick Linux Enterprise Debuginfo Studio Onsite +2
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-4247 MEDIUM PATCH This Month

Race condition in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to obtain sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required.

Adobe Race Condition Information Disclosure Microsoft Flash Player Desktop Runtime +1
NVD
CVSS 3.1
5.3
EPSS
0.8%
CVE-2016-3272 LOW Monitor

The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles page-fault system calls, which allows local users to obtain sensitive. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. Epss exploitation probability 12.6% and no vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows Rt 8 1 +1
NVD
CVSS 3.0
2.8
EPSS
12.6%
CVE-2016-3251 LOW Monitor

The GDI component in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and. Rated low severity (CVSS 2.8), this vulnerability is low attack complexity. Epss exploitation probability 12.2% and no vendor patch available.

Information Disclosure Microsoft Windows 10 Windows 7 Windows 8 1 +4
NVD
CVSS 3.0
2.8
EPSS
12.2%
CVE-2016-5092 MEDIUM This Month

Directory traversal vulnerability in Fortinet FortiWeb before 5.5.3 allows remote authenticated administrators with read and write privileges to read arbitrary files by leveraging the autolearn. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Fortinet Fortiweb
NVD
CVSS 3.0
4.9
EPSS
0.3%
CVE-2016-3258 MEDIUM This Month

Race condition in the kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Low Integrity protection. Rated medium severity (CVSS 4.7). No vendor patch available.

Privilege Escalation Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD
CVSS 3.0
4.7
EPSS
0.2%
CVE-2016-3276 LOW Monitor

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Internet Explorer
NVD
CVSS 3.0
3.1
EPSS
7.2%
CVE-2016-3274 LOW Monitor

Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct content-spoofing attacks via a crafted URL, aka "Microsoft Browser Spoofing Vulnerability.". Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Authentication Bypass Edge Internet Explorer
NVD
CVSS 3.0
3.1
EPSS
7.2%
CVE-2016-3287 MEDIUM This Month

Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the Secure Boot protection mechanism by leveraging administrative. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Windows 10 Windows 8 1 Windows Rt 8 1 +1
NVD
CVSS 3.0
4.4
EPSS
0.5%
CVE-2016-4178 MEDIUM PATCH This Month

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to bypass intended access restrictions and obtain. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Microsoft Adobe Authentication Bypass Flash Player Desktop Runtime Flash Player
NVD
CVSS 3.1
4.3
EPSS
0.5%
CVE-2016-5109 MEDIUM This Month

Citrix Worx Home for iOS before 10.3.6 and XenMobile MDX Toolkit for iOS before 10.3.6 might allow physically proximate attackers to bypass in-application Apple Touch ID authentication via. Rated medium severity (CVSS 4.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Citrix Authentication Bypass Xenmobile Mdx Toolkit Worx Home
NVD
CVSS 3.0
4.3
EPSS
0.1%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy