Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.3

    MEDIUM
    CVE-2015-6052

    The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR... Read more

    Affected Products : internet_explorer vbscript jscript
    • EPSS Score: %21.43
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6051

    Microsoft Internet Explorer 10 and 11 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %11.06
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6050

    Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %30.10
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6049

    Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • EPSS Score: %21.13
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6048

    Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • EPSS Score: %21.88
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6047

    The broker EditWith feature in Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the AppContainer protection mechanism and gain privileges via a DelegateExecute launch of an arbitrary application, as demonstrated by a transition f... Read more

    Affected Products : internet_explorer
    • EPSS Score: %13.75
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-6046

    Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %21.10
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 6.8

    MEDIUM
    CVE-2015-6044

    Microsoft Internet Explorer 8 allows remote attackers to gain privileges via a crafted web site, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Internet Explorer Elevation of Privilege Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %16.24
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6042

    Use-after-free vulnerability in the CWindow object implementation in Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Co... Read more

    Affected Products : internet_explorer
    • EPSS Score: %25.71
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-6039

    Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2013 SP1 and SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content in an Office Marketplace instance, aka "Micros... Read more

    • EPSS Score: %9.02
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 3.5

    LOW
    CVE-2015-6037

    Cross-site scripting (XSS) vulnerability in Microsoft Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, Office Web Apps Server 2013 SP1, and SharePoint Foundation 2013 SP1 allows remote authentica... Read more

    • EPSS Score: %10.64
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2558

    Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3,... Read more

    • EPSS Score: %48.81
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2557

    Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."... Read more

    Affected Products : visio
    • EPSS Score: %34.58
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-2556

    The InfoPath Forms Services component in Microsoft SharePoint Server 2007 SP3 and 2010 SP2 misparses DTDs, which allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity re... Read more

    Affected Products : sharepoint_server
    • EPSS Score: %39.14
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2555

    Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrary cod... Read more

    Affected Products : sharepoint_server excel excel_for_mac
    • EPSS Score: %48.81
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2554

    The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows Object Reference Elevation of Privilege Vulnerability."... Read more

    • EPSS Score: %2.39
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2553

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it ... Read more

    • EPSS Score: %11.33
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2552

    The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection mechanism, and consequently interfere with the integrity o... Read more

    • EPSS Score: %1.46
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2550

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application,... Read more

    • EPSS Score: %2.96
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-2549

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application,... Read more

    • EPSS Score: %2.05
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 291728 Results