Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.4

    MEDIUM
    CVE-2015-1577

    Directory traversal vulnerability in u5admin/deletefile.php in u5CMS before 3.9.4 allows remote attackers to write to arbitrary files via a (1) .. (dot dot) or (2) full pathname in the f parameter.... Read more

    Affected Products : u5cms
    • EPSS Score: %10.30
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1576

    Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c... Read more

    Affected Products : u5cms
    • EPSS Score: %0.83
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-1575

    Multiple cross-site scripting (XSS) vulnerabilities in u5CMS before 3.9.4 allow remote attackers to inject arbitrary web script or HTML via the (1) c, (2) i, (3) l, or (4) p parameter to index.php; the (5) a or (6) b parameter to u5admin/cookie.php; the n... Read more

    Affected Products : u5cms
    • EPSS Score: %4.31
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1518

    SQL injection vulnerability in the search_post function in includes/search.php in Redaxscript before 2.3.0 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter.... Read more

    Affected Products : redaxscript
    • EPSS Score: %1.84
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2015-1172

    Unrestricted file upload vulnerability in admin/upload-file.php in the Holding Pattern theme (aka holding_pattern) 0.6 and earlier for WordPress allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing... Read more

    Affected Products : holding_pattern
    • EPSS Score: %81.15
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2015-0071

    Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."... Read more

    • Actively Exploited
    • EPSS Score: %34.89
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-0070

    Microsoft Internet Explorer 6 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information Disclosure Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %22.28
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-0069

    Microsoft Internet Explorer 10 and 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %23.41
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0068

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-20... Read more

    Affected Products : internet_explorer
    • EPSS Score: %29.61
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0067

    Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • EPSS Score: %24.07
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0066

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-0018... Read more

    Affected Products : internet_explorer
    • EPSS Score: %24.07
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0065

    Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "OneTableDocumentStream Remote Code Execution Vulnerability."... Read more

    Affected Products : word
    • EPSS Score: %68.60
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0064

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of se... Read more

    • EPSS Score: %66.31
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0063

    Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel 2010 SP2; Excel 2013 Gold, SP1, and RT; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption... Read more

    • EPSS Score: %34.11
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-0062

    Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges via a crafted application that leverages incorrect impersonation handling in a p... Read more

    • EPSS Score: %1.45
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-0061

    Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly initialize memory for TIFF images, which allows r... Read more

    • EPSS Score: %22.56
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 4.7

    MEDIUM
    CVE-2015-0060

    The font mapper in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does ... Read more

    • EPSS Score: %2.89
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 6.9

    MEDIUM
    CVE-2015-0059

    win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka "True... Read more

    • EPSS Score: %42.57
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-0058

    Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a crafted application, aka "Windows Cursor Object Double Free Vulnerability."... Read more

    • EPSS Score: %7.74
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 7.2

    HIGH
    CVE-2015-0057

    win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to ga... Read more

    • EPSS Score: %82.11
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 290997 Results