Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

2.1

LOW

CVE-2015-2529

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Kernel ASLR Bypass Vulnerability."...

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012
EPSS Score: %4.40

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
7.2

HIGH

CVE-2015-2528

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %1.55

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
7.2

HIGH

CVE-2015-2527

The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows...

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_8 windows_rt
EPSS Score: %15.25

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
5.0

MEDIUM

CVE-2015-2526

Microsoft .NET Framework 4.5, 4.5.1, 4.5.2, and 4.6 allows remote attackers to cause a denial of service to an ASP.NET web site via crafted requests, aka "MVC Denial of Service Vulnerability."...

Affected Products : .net_framework
EPSS Score: %17.12

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
7.2

HIGH

CVE-2015-2525

Task Scheduler in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to bypass intended filesystem restriction...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %35.47

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
7.2

HIGH

CVE-2015-2524

Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management ...

Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_8 windows_rt
EPSS Score: %12.64

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2523

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office...

Affected Products : excel_viewer excel office_compatibility_pack
EPSS Score: %73.58

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
3.5

LOW

CVE-2015-2522

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Foundation 2013 SP1 allows remote authenticated users to inject arbitrary web script or HTML via crafted content, aka "Microsoft SharePoint XSS Spoofing Vulnerability."...

Affected Products : sharepoint_foundation
EPSS Score: %10.06

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2521

Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."...

Affected Products : excel_viewer excel office_compatibility_pack
EPSS Score: %66.83

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2520

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."...

Affected Products : excel_viewer excel office_compatibility_pack
EPSS Score: %66.83

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2519

Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbi...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %27.97

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
6.9

MEDIUM

CVE-2015-2518

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %3.91

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
6.9

MEDIUM

CVE-2015-2517

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %3.91

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
4.3

MEDIUM

CVE-2015-2516

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (data ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %16.78

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2514

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a cra...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %23.10

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2513

Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a cra...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %23.10

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
7.2

HIGH

CVE-2015-2512

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %3.70

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
6.9

MEDIUM

CVE-2015-2511

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted ...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista windows_8 windows_rt
EPSS Score: %2.92

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2510

Buffer overflow in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2, Office 2007 SP3, Office 2010 SP2, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Live Meeting 2007 Console allows remote att...

Affected Products : windows_server_2008 office lync windows_vista live_meeting_console
EPSS Score: %72.23

Published: Sep. 09, 2015

Modified: Apr. 12, 2025
9.3

HIGH

CVE-2015-2509

Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Media Center link (mcl) file, aka "Windows Media Center RCE Vulnerability."...

Affected Products : windows_7 windows_8.1 windows_vista windows_8
EPSS Score: %88.43

Published: Sep. 09, 2015

Modified: Apr. 12, 2025

Showing 20 of 291647 Results

Latest CVE Feed

2.1

7.2

7.2

5.0

7.2

7.2

9.3

3.5

9.3

9.3

9.3

6.9

6.9

4.3

9.3

9.3

7.2

6.9

9.3

9.3

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable