| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2015-1756 | 9.3 |
Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows user-assisted rem
|
15-05-2019 - 15:33 | 10-06-2015 - 01:59 | |
| CVE-2015-1760 | 9.3 |
Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 SP1, and Office 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
30-10-2018 - 16:27 | 10-06-2015 - 01:59 | |
| CVE-2015-2359 | 4.3 |
Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Exchange HTML Injection Vulnerability.
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
| CVE-2015-1770 | 9.3 |
Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Uninitialized Memory Use Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
| CVE-2015-1771 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allows remote attackers to hijack the authentication of arbitrary users, aka "Exchange Cross-Site Request Forgery Vu
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
| CVE-2015-1759 | 9.3 |
Microsoft Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
|
12-10-2018 - 22:09 | 10-06-2015 - 01:59 | |
| CVE-2015-3648 | 7.5 |
Directory traversal vulnerability in pages/setup.php in Montala Limited ResourceSpace before 7.2.6727 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the defaultlanguage parameter.
|
09-10-2018 - 19:56 | 09-06-2015 - 14:59 | |
| CVE-2015-3217 | 5.0 |
PCRE 7.8 and 8.32 through 8.37, and PCRE2 10.10 mishandle group empty matches, which might allow remote attackers to cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by /^(?:(?(1)\\.|([^\\\\W_]
|
18-05-2018 - 01:29 | 13-12-2016 - 16:59 | |
| CVE-2017-7595 | 4.3 |
The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.
|
22-03-2018 - 01:29 | 09-04-2017 - 14:59 | |
| CVE-2008-0512 | 7.5 |
SQL injection vulnerability in index.php in the fq (com_fq) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter.
|
29-09-2017 - 01:30 | 31-01-2008 - 20:00 | |
| CVE-2003-1481 | 5.8 |
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the refere
|
29-07-2017 - 01:29 | 31-12-2003 - 05:00 | |
| CVE-2006-1800 | 7.5 |
Directory traversal vulnerability in posts.php in SimpleBBS 1.0.6 through 1.1 allows remote attackers to include and execute arbitrary files via ".." sequences in the language cookie, as demonstrated by by injecting the code into the gl_session cooki
|
20-07-2017 - 01:30 | 18-04-2006 - 10:02 |