Skip to main content
CVE-2017-0018 HIGH PATCH Act Now

Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.8%.

Buffer Overflow RCE Microsoft Denial Of Service Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
20.8%
CVE-2015-3881 HIGH POC This Week

Information disclosure issue in qdPM 8.3 allows remote attackers to obtain sensitive information via a direct request to (1) core/config/databases.yml, (2) core/log/qdPM_prod.log, or (3). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Qdpm
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2014-8701 HIGH POC This Week

Wonder CMS 2014 allows remote attackers to obtain sensitive information by viewing /files/password, which reveals the unsalted MD5 hashed password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wondercms
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-0040 HIGH PATCH Act Now

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 18.7%.

Buffer Overflow RCE Microsoft Denial Of Service Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
18.7%
CVE-2017-0103 HIGH POC This Week

The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows Server 2008 Windows Server 2012 +1
NVD Exploit-DB
CVSS 3.0
7.0
EPSS
1.2%
CVE-2017-0121 MEDIUM POC PATCH THREAT This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 13.0%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
13.0%
CVE-2017-0118 MEDIUM POC PATCH THREAT This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 12.4%.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
12.4%
CVE-2017-0130 HIGH PATCH Act Now

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.3%.

Buffer Overflow RCE Microsoft Denial Of Service Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
16.3%
CVE-2017-0151 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0150 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0138 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0137 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0136 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0132 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0131 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0067 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0035 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0032 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0027 MEDIUM PATCH This Month

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. Epss exploitation probability 29.7%.

Microsoft Information Disclosure Excel Office Compatibility Pack Sharepoint Server
NVD
CVSS 3.0
4.7
EPSS
29.7%
CVE-2017-0057 MEDIUM PATCH This Month

DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 31.1%.

Microsoft Information Disclosure Windows 10 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.0
4.3
EPSS
31.1%
CVE-2017-0128 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0127 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0126 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0125 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0123 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0122 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0120 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0119 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0117 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0116 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0114 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0113 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0112 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0111 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0092 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0091 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0085 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
9.7%
CVE-2017-0045 MEDIUM POC PATCH This Month

Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Microsoft CSRF Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
3.6%
CVE-2017-7174 CRITICAL Act Now

The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Chef Manage
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2017-0060 MEDIUM POC PATCH This Month

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Microsoft Information Disclosure Live Meeting Lync Office +11
NVD Exploit-DB
CVSS 3.1
5.5
EPSS
3.3%
CVE-2015-3883 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in qdPM 8.3 allow remote attackers to inject arbitrary web script or HTML via the (1) search[keywords] parameter to index.php/users page; the (2). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Qdpm
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2014-8703 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Wonder CMS 2014 allows remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wondercms
NVD
CVSS 3.0
6.1
EPSS
0.2%
CVE-2014-8704 CRITICAL Act Now

Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to include and execute arbitrary local files via a crafted theme. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal PHP Wondercms
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2014-9852 CRITICAL PATCH Act Now

distribute-cache.c in ImageMagick re-uses objects after they have been destroyed, which allows remote attackers to have unspecified impact via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Imagemagick Opensuse Linux Enterprise Desktop Linux Enterprise Server +3
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2017-0029 MEDIUM PATCH This Month

Microsoft Office 2010 SP2, Word 2010 SP2, Word 2013 RT SP1, and Word 2016 allow remote attackers to cause a denial of service (application hang) via a crafted Office document, aka "Microsoft Office. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 22.6%.

Denial Of Service Microsoft Office Word
NVD
CVSS 3.0
5.5
EPSS
22.6%
CVE-2014-8705 CRITICAL PATCH Act Now

PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote attackers to execute arbitrary PHP code via a URL in the hook parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE PHP Wondercms
NVD
CVSS 3.0
9.8
EPSS
0.7%
CVE-2017-0039 HIGH PATCH Act Now

Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 10.3%.

RCE Microsoft Windows Server 2008 Windows Vista
NVD
CVSS 3.0
7.8
EPSS
10.3%
CVE-2017-0065 MEDIUM PATCH This Month

Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability." This vulnerability is. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 27.2%.

Microsoft Information Disclosure Edge
NVD
CVSS 3.0
4.3
EPSS
27.2%
CVE-2017-0124 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
6.4%
CVE-2017-0115 MEDIUM POC PATCH This Month

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Microsoft Information Disclosure Windows 7 Windows Server 2008 Windows Vista
NVD Exploit-DB
CVSS 3.0
4.3
EPSS
6.4%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy