VIR Vulnerability Intelligence Relay

Search

Found 2,742 results in 445ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2016-1102 high 7.5 8.5 EXP microsoftadobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1101 high 7.5 8.5 EXP adobemicrosoft 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-1096 high 7.5 8.5 EXP adobemicrosoft 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-0173 high 7.8 8.8 EXP windows windows 10y ago The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 a…
CVE-2016-0171 high 7.8 8.8 EXP windows windows 10y ago The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 a…
CVE-2016-0170 high 8.8 9.8 EXP windows windows 10y ago GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attacke…
CVE-2015-0569 high 7.8 8.8 EXP linux-kernel 10y ago Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation C…
CVE-2016-4535 high 7.5 8.5 EXP mcafee 10y ago Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service (memory corruption and crash) via a crafted packed exe…
CVE-2016-4534 low 3.0 4.0 EXP mcafee 10y ago The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and…
CVE-2016-3716 low 3.3 4.3 EXPFIX debian debian rhelubuntu ubuntu imagemagick 10y ago The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
CVE-2016-2854 high 7.8 8.8 EXPFIX debian debian linux-kernel 10y ago The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
CVE-2016-2853 high 7.8 8.8 EXPFIX debian debian linux-kernel 10y ago The aufs module for the Linux kernel 3.x and 4.x does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an aufs filesystem on top of a FUSE filesystem…
CVE-2016-1576 high 7.8 8.8 EXPFIX debian debianubuntu ubuntu linux-kernel 10y ago The overlayfs implementation in the Linux kernel through 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top o…
CVE-2016-1575 high 7.8 8.8 EXPFIX slesdebian debianubuntu ubuntu 10y ago The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid direc…
CVE-2016-3672 high 7.8 8.8 EXPFIX slesdebian debiansuse suse novell 10y ago The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the int…
CVE-2016-3135 high 7.8 8.8 EXPFIX debian debianubuntu ubuntu linux-kernel 10y ago Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of servi…
CVE-2016-3134 high 8.4 9.4 EXPFIX slesdebian debiansuse suse novell 10y ago The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) vi…
CVE-2016-3081 high 8.1 9.1 EXP sles apacheoracle 10y ago Apache Struts RCE Vulnerability
CVE-2016-2203 high 7.8 8.8 EXP symantec 10y ago The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to discover an encrypted AD password by leveraging certain read privileges.
CVE-2016-1593 high 7.2 8.2 EXP novell 10y ago Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a …
CVE-2016-0891 high 8.8 9.8 EXP emc 10y ago Multiple cross-site request forgery (CSRF) vulnerabilities in administrative pages in EMC ViPR SRM before 3.7 allow remote attackers to hijack the authentication of administrators.
CVE-2016-3943 high 7.8 8.8 EXP watchguard 10y ago Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which al…
CVE-2015-7378 high 7.8 8.8 EXP watchguard 10y ago Panda Security URL Filtering before 4.3.1.9 uses a weak ACL for the "Panda Security URL Filtering" directory and installed files, which allows local users to gain SYSTEM privileges by modifying Panda…
CVE-2016-0846 high 8.4 9.4 EXP 10y ago libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which …
CVE-2016-2056 high 8.8 9.8 EXPFIX debian debian xymon 10y ago xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacters in the adduser_name argument in (1) web/useradm.c or (2) …
CVE-2016-2055 high 7.5 8.5 EXPFIX debian debian xymon 10y ago xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to read arbitrary files in the configuration directory via a "config" command.
CVE-2016-0145 high 8.8 9.8 EXP windows windows microsoft 10y ago The font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold and 1511; Office 2007…
CVE-2016-0143 high 7.8 8.8 EXP windows windows 10y ago The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 al…
CVE-2016-0122 high 7.8 8.8 EXP microsoft 10y ago Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary…
CVE-2016-3986 high 7.8 8.8 EXP avast 10y ago Avast allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted PE file, related to authenticode parsing.
CVE-2016-0710 high 8.8 9.8 EXP apache 10y ago Apache Jetspeed vulnerable to SQL Injection
CVE-2016-0709 high 7.2 8.2 EXP apache 10y ago Path Traversal in Apache Jetspeed
CVE-2016-1013 high 8.8 9.8 EXP macos macos linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary…
CVE-2016-1011 high 8.8 9.8 EXP macos macos linux-kernelwindows windows adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary…
CVE-2015-6541 high 8.8 9.8 EXP zimbra 10y ago Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra Collaboration Server (ZCS) before 8.5 allow remote attackers to hijack the authentication of arbitrary users…
CVE-2016-1531 high 7.0 8.0 EXPFIX slesdebian debian exim 10y ago Exim before 4.86.2, when installed setuid root, allows local users to gain privileges via the perl_startup argument.
CVE-2016-0792 high 8.8 9.8 EXP jenkinsredhat 10y ago Jenkins allows Deserialization of Untrusted Data via an XML File
CVE-2016-0793 high 7.5 8.5 EXP redhat 10y ago WildFly has incomplete blacklist vulnerability
CVE-2016-2288 high 7.8 8.8 EXP cogentdatahub 10y ago Cogent DataHub before 7.3.10 allows local users to gain privileges by leveraging the user or guest role to modify a file.
CVE-2016-1769 high 7.8 8.8 EXP macos macos 10y ago QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Photoshop file.
CVE-2016-1768 high 7.8 8.8 EXP macos macos 10y ago QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than …
CVE-2016-1767 high 7.8 8.8 EXP macos macos 10y ago QuickTime in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted FlashPix image, a different vulnerability than …
CVE-2016-1757 high 7.0 8.0 EXP macos macos 10y ago Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.
CVE-2016-1755 high 7.8 8.8 EXPFIX macos macos 10y ago The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memor…
CVE-2016-1749 high 7.8 8.8 EXP macos macos 10y ago IOUSBFamily in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
CVE-2016-1744 high 7.8 8.8 EXP macos macos 10y ago The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via…
CVE-2016-1743 high 7.8 8.8 EXP macos macos 10y ago The Intel driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via…
CVE-2016-2856 high 8.4 9.4 EXPFIX debian debianubuntu ubuntu gnu 10y ago pt_chown in the glibc package before 2.19-18+deb8u4 on Debian jessie; the elibc package before 2.15-0ubuntu10.14 on Ubuntu 12.04 LTS and before 2.19-0ubuntu6.8 on Ubuntu 14.04 LTS; and the glibc pack…
CVE-2016-1960 high 8.8 9.8 EXPFIX debian debiansuse suse mozilla 10y ago Integer underflow in the nsHtml5TreeBuilder class in the HTML5 string parser in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code or cause…
CVE-2016-1002 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 10y ago Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Ad…
CVE-2016-1001 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 10y ago Heap-based buffer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR…
CVE-2016-1000 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A…
CVE-2016-0999 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A…
CVE-2016-0998 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A…
CVE-2016-0997 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 10y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe A…
CVE-2016-0121 high 8.8 9.8 EXP windows windows 10y ago The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and…
CVE-2016-0111 high 7.5 8.5 EXP microsoft 10y ago Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Br…
CVE-2016-0108 high 7.5 8.5 EXP microsoft 10y ago Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vuln…
CVE-2016-0100 high 8.4 9.4 EXP windows windows 10y ago Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Exe…
CVE-2016-0094 high 7.8 8.8 EXP windows windows 10y ago The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 al…
CVE-2016-0093 high 7.8 8.8 EXP windows windows 10y ago The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 al…
CVE-2016-2278 high 7.2 8.2 EXP 10y ago Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P 1.7 and earlier allows remote authenticated administrators to execute arbitrary OS commands by defeat…
CVE-2016-2098 high 7.3 8.3 EXPFIX debian debian rubyonrails 10y ago Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application's unrestricted use of t…
CVE-2015-7547 high 8.1 9.1 EXPFIX debian debianubuntu ubuntususe suse hpsophossuse 10y ago Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a den…
CVE-2016-2389 high 7.5 8.5 EXP sap 10y ago Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitra…
CVE-2016-1525 high 8.6 9.6 EXP netgear 11y ago Directory traversal vulnerability in data/config/image.do in NETGEAR Management System NMS300 1.5.0.11 and earlier allows remote authenticated users to read arbitrary files via a .. (dot dot) in the …
CVE-2016-0985 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 11y ago Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe …
CVE-2016-0974 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR S…
CVE-2016-0971 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 11y ago Heap-based buffer overflow in Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK…
CVE-2016-0967 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 11y ago Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe …
CVE-2016-0965 high 8.8 9.8 EXP windows windowsmacos macos linux-kernel adobe 11y ago Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe …
CVE-2016-0964 high 8.8 9.8 EXP slesmacos macos linux-kernel adobe 11y ago Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe …
CVE-2016-0956 high 7.5 8.5 EXP macos macos linux-kernel apacheadobe 11y ago Exposure of Sensitive Information to an Unauthorized Actor in Apache Sling Servlets Post
CVE-2016-0063 high 8.8 9.8 EXP microsoft 11y ago Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corru…
CVE-2016-0051 high 7.8 8.8 EXP windows windows 11y ago The WebDAV client in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows …
CVE-2016-0041 high 7.8 8.8 EXP windows windows microsoft 11y ago Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11…
CVE-2016-0728 high 7.8 8.8 EXPFIX slesdebian debianubuntu ubuntu hp 11y ago The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or…
CVE-2016-0861 high 8.8 9.8 EXP ge 11y ago General Electric (GE) Industrial Solutions UPS SNMP/Web Adapter devices with firmware before 4.8 allow remote authenticated users to execute arbitrary commands via unspecified vectors.
CVE-2016-1721 high 7.8 8.8 EXPFIX macos macos 11y ago The kernel in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1720 high 7.8 8.8 EXPFIX macos macos 11y ago IOKit in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1719 high 7.8 8.8 EXP macos macos 11y ago The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vector…
CVE-2016-1879 high 7.5 8.5 EXP freebsd freebsd 11y ago The Stream Control Transmission Protocol (SCTP) module in FreeBSD 9.3 before p33, 10.1 before p26, and 10.2 before p9, when the kernel is configured for IPv6, allows remote attackers to cause a denia…
CVE-2015-8770 high 7.5 8.5 EXPFIX debian debian roundcube 11y ago Directory traversal vulnerability in the set_skin function in program/include/rcmail_output_html.php in Roundcube before 1.0.8 and 1.1.x before 1.1.4 allows remote authenticated users with certain pe…
CVE-2015-8279 high 8.6 9.6 EXP samsung 11y ago Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.
CVE-2016-0016 high 7.8 8.8 EXP windows windows 11y ago Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandl…
CVE-2016-0015 high 7.8 8.8 EXP windows windows 11y ago DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attac…
CVE-2016-0007 high 7.8 8.8 EXP windows windows 11y ago The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Win…
CVE-2016-0006 high 7.3 8.3 EXP windows windows 11y ago The sandbox implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Win…
CVE-2015-8088 high 7.8 8.8 EXP 11y ago Heap-based buffer overflow in the HIFI driver in Huawei Mate 7 phones with software MT7-UL00 before MT7-UL00C17B354, MT7-TL10 before MT7-TL10C00B354, MT7-TL00 before MT7-TL00C01B354, and MT7-CL00 bef…
CVE-2015-8612 high 8.4 9.4 EXPFIX debian debian blueman_project 11y ago The EnableNetwork method in the Network class in plugins/mechanism/Network.py in Blueman before 2.0.3 allows local users to gain privileges via the dhcp_handler argument.
CVE-2015-6639 high 7.8 8.8 EXP 11y ago The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka i…
CVE-2015-2023 high 8.8 9.8 EXP ibm 11y ago Buffer overflow in IBM i Access 7.1 on Windows allows local users to gain privileges via unspecified vectors.
CVE-2015-5996 high 8.8 9.8 EXP 11y ago Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users.
CVE-2015-7250 high 7.5 8.5 EXP 11y ago Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allows remote attackers to read arbitrary files via a full pathname in the getp…
CVE-2015-7248 high 7.5 8.5 EXP 11y ago ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password hashes by reading the cgi-bin/webproc HTML source code, a different vulnerability…
CVE-2015-8644 high 8.8 9.8 EXP macos macos linux-kernel adobe 11y ago Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe …
CVE-2015-8636 high 8.8 9.8 EXP macos macos linux-kernel adobe 11y ago Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe …
CVE-2015-8635 high 8.8 9.8 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR S…
CVE-2015-8634 high 8.8 9.8 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR S…
CVE-2015-8664 high 8.8 9.8 EXP google 11y ago Integer overflow in the WebCursor::Deserialize function in content/common/cursors/webcursor.cc in Google Chrome before 47.0.2526.106 allows remote attackers to cause a denial of service or possibly h…