Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-6115 | 1 Microsoft | 1 .net Framework | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft .NET Framework 2.0 SP2, 3.5, and 3.5.1 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka ".NET ASLR Bypass." | |||||
| CVE-2016-0047 | 1 Microsoft | 1 .net Framework | 2018-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to obtain sensitive information from process memory via crafted icon data, aka "Windows Forms Information Disclosure Vulnerability." | |||||
| CVE-2015-6059 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2018-10-12 | 4.3 MEDIUM | N/A |
| The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Scripting Engine Information Disclosure Vulnerability." | |||||
| CVE-2016-0075 | 1 Microsoft | 4 Windows 10, Windows 8.1, Windows Rt 8.1 and 1 more | 2018-10-12 | 2.1 LOW | 5.5 MEDIUM |
| The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0073. | |||||
| CVE-2015-6057 | 1 Microsoft | 1 Edge | 2018-10-12 | 5.0 MEDIUM | N/A |
| Microsoft Edge allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Microsoft Edge Information Disclosure Vulnerability." | |||||
| CVE-2016-0073 | 1 Microsoft | 4 Windows 10, Windows 8.1, Windows Rt 8.1 and 1 more | 2018-10-12 | 2.1 LOW | 5.0 MEDIUM |
| The kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive information in the registry, aka "Windows Kernel Local Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0075. | |||||
| CVE-2015-6157 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability." | |||||
| CVE-2015-6165 | 1 Microsoft | 1 Silverlight | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Microsoft Silverlight Information Disclosure Vulnerability," a different vulnerability than CVE-2015-6114. | |||||
| CVE-2015-6052 | 1 Microsoft | 3 Internet Explorer, Jscript, Vbscript | 2018-10-12 | 4.3 MEDIUM | N/A |
| The Microsoft (1) VBScript 5.7 and 5.8 and (2) JScript 5.7 and 5.8 engines, as used in Internet Explorer 8 through 11 and other products, allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "VBScript and JScript ASLR Bypass." | |||||
| CVE-2016-0059 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Hyperlink Object Library in Microsoft Internet Explorer 9 through 11 allows remote attackers to obtain sensitive information from process memory via a crafted URL in a (1) e-mail message or (2) Office document, aka "Internet Explorer Information Disclosure Vulnerability." | |||||
| CVE-2015-2421 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass." | |||||
| CVE-2015-2449 | 1 Microsoft | 2 Edge, Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 7 through 11 and Edge allow remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass." | |||||
| CVE-2015-2375 | 1 Microsoft | 3 Excel, Excel Viewer, Sharepoint Server | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka "Microsoft Excel ASLR Bypass Vulnerability." | |||||
| CVE-2015-2413 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted module-resource request, aka "Internet Explorer Information Disclosure Vulnerability." | |||||
| CVE-2015-2445 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 10 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "ASLR Bypass." | |||||
| CVE-2015-2410 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted stylesheet, aka "Internet Explorer Information Disclosure Vulnerability." | |||||
| CVE-2015-1765 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site. | |||||
| CVE-2015-2434 | 1 Microsoft | 1 Xml Core Services | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft XML Core Services 3.0 and 5.0 supports SSL 2.0, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by sniffing the network and conducting a decryption attack, aka "MSXML Information Disclosure Vulnerability," a different vulnerability than CVE-2015-2471. | |||||
| CVE-2015-2412 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 4.3 MEDIUM | N/A |
| Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability." | |||||
| CVE-2015-2483 | 1 Microsoft | 1 Internet Explorer | 2018-10-12 | 5.0 MEDIUM | N/A |
| Microsoft Internet Explorer 10 and 11 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Information Disclosure Vulnerability." | |||||