Latest CVE Feed
-
10.0
HIGHCVE-2015-4599
The SoapFault::__toString method in ext/soap/soap.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to obtain sensitive information, cause a denial of service (application crash), or possibly execute arbitrary cod... Read more
- EPSS Score: %9.33
- Published: May. 16, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-4479
Multiple integer overflows in libstagefright in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 allow remote attackers to execute arbitrary code via a crafted saio chunk in MPEG-4 video data.... Read more
- EPSS Score: %4.22
- Published: Aug. 16, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3972
The web interface on Janitza UMG 508, 509, 511, 604, and 605 devices supports only short PIN values for authentication, which makes it easier for remote attackers to obtain access via a brute-force attack.... Read more
- EPSS Score: %0.62
- Published: Oct. 28, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3128
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler b... Read more
- EPSS Score: %68.24
- Published: Jul. 09, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3076
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-... Read more
- EPSS Score: %10.44
- Published: May. 13, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3059
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-3053, CVE-2015-3054, CVE-2... Read more
- EPSS Score: %2.98
- Published: May. 13, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3050
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-9161, CVE-... Read more
- EPSS Score: %10.44
- Published: May. 13, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3043
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as explo... Read more
Affected Products : linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus flash_player mac_os_x opensuse windows +9 more products- Actively Exploited
- EPSS Score: %86.04
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-2806
Stack-based buffer overflow in asn1_der_decoding in libtasn1 before 4.4 allows remote attackers to have unspecified impact via unknown vectors.... Read more
- EPSS Score: %12.33
- Published: Apr. 10, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-2737
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified im... Read more
- EPSS Score: %0.94
- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-1132
fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.... Read more
- EPSS Score: %1.10
- Published: Apr. 10, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0779
Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR fil... Read more
Affected Products : zenworks_configuration_management- EPSS Score: %80.15
- Published: Jun. 07, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-3061
Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062, CVE-... Read more
- EPSS Score: %3.03
- Published: May. 13, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0459
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.... Read more
- EPSS Score: %10.71
- Published: Apr. 16, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0355
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- EPSS Score: %4.16
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0350
Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more
- EPSS Score: %4.16
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0346
Double free vulnerability in Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability th... Read more
- EPSS Score: %6.98
- Published: Apr. 14, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-0325
Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknow... Read more
- EPSS Score: %8.68
- Published: Feb. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-8440
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to ... Read more
- EPSS Score: %88.01
- Published: Nov. 11, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-8438
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler befor... Read more
- EPSS Score: %6.95
- Published: Nov. 11, 2014
- Modified: Apr. 12, 2025