Lucene search
K
Vulncheck KevRecent

4985 matches found

VulnCheck KEV
VulnCheck KEV
•added 2015/07/08 12:0 a.m.•5 views

VulnCheck KEV: CVE-2012-3213

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Scripting...

10CVSS7.3AI score0.09822EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/07/05 12:0 a.m.•5 views

VulnCheck KEV: CVE-2015-2387

ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server allows local users to gain privileges via a crafted application...

7.8CVSS5.8AI score0.36738EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2015/07/05 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-5119

A use-after-free vulnerability exists within the ActionScript 3 ByteArray class in Adobe Flash Player that allows an attacker to perform remote code execution...

10CVSS7.7AI score0.99344EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
•added 2015/07/05 12:0 a.m.•5 views

VulnCheck KEV: CVE-2015-5123

Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service DoS...

10CVSS7.6AI score0.18493EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/07/05 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-2426

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts...

9.3CVSS7.9AI score0.8669EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
•added 2015/07/05 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-5122

Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 AS3 implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service DoS...

10CVSS7.6AI score0.93688EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
•added 2015/07/05 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-2425

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service DoS...

9.3CVSS6AI score0.44851EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/06/30 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-2424

Microsoft PowerPoint allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document...

9.3CVSS7.7AI score0.38497EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/06/29 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-3133

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a...

10CVSS6.2AI score0.05307EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/06/23 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-3113

Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code...

10CVSS7.8AI score0.9994EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEV
•added 2015/06/16 12:0 a.m.•5 views

VulnCheck KEV: CVE-2015-3105

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and...

10CVSS5.8AI score0.96079EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEV
•added 2015/06/10 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-9480

The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter...

7.5CVSS7.1AI score0.12574EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2015/06/09 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-2360

Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service DoS...

8.8CVSS5.8AI score0.14958EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/06/05 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-0336

Adobe Flash Player before 13.0.0.277 and 14.x through 17.x before 17.0.0.134 on Windows and OS X and before 11.2.202.451 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion," a different vulnerability than CVE-2015-0334...

9.3CVSS7.8AI score0.71536EPSS
Exploits4References1
VulnCheck KEV
VulnCheck KEV
•added 2015/05/22 12:0 a.m.•6 views

VulnCheck KEV: CVE-2008-1244

cgi-bin/setupdns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns11, dns12, dns13, and dns14 parameters. NOTE: it was later reported...

10CVSS5.8AI score0.04896EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2015/05/22 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-1187

The ping tool in multiple D-Link and TRENDnet devices allow remote attackers to perform remote code execution...

10CVSS7.6AI score0.82863EPSS
Exploits8References1
VulnCheck KEV
VulnCheck KEV
•added 2015/05/20 12:0 a.m.•2 views

VulnCheck KEV: CVE-2015-2945

mt-phpincgi.php in Hajime Fujimoto mt-phpincgi before 2015-05-15 does not properly restrict URLs, which allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted request, as exploited in the wild in May 2015...

7.5CVSS6.1AI score0.01749EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2015/05/09 12:0 a.m.•3 views

VulnCheck KEV: CVE-2018-9206

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload = v9.22.0...

9.8CVSS7.4AI score0.97107EPSS
Exploits15References1
VulnCheck KEV
VulnCheck KEV
•added 2015/05/01 12:0 a.m.•3 views

VulnCheck KEV: CVE-2014-8361

Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request...

10CVSS7.6AI score0.99975EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
•added 2015/04/18 12:0 a.m.•2 views

VulnCheck KEV: CVE-2015-1701

An unspecified vulnerability exists in the Win32k.sys kernel-mode driver in Microsoft Windows Server that allows a local attacker to execute arbitrary code with elevated privileges...

7.8CVSS7.6AI score0.562EPSS
Exploits38References1
VulnCheck KEV
VulnCheck KEV
•added 2015/04/14 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-1641

Microsoft Office contains a memory corruption vulnerability due to failure to properly handle rich text format files in memory. Successful exploitation allows for remote code execution in the context of the current user...

9.3CVSS7.8AI score0.97327EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2015/04/13 12:0 a.m.•7 views

VulnCheck KEV: CVE-2015-3043

A memory corruption vulnerability exists in Adobe Flash Player that allows an attacker to perform remote code execution...

10CVSS7.5AI score0.7983EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
•added 2015/04/01 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-0666

Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager DCNM allows remote attackers to read arbitrary files...

7.8CVSS5.9AI score0.40608EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/03/28 12:0 a.m.•5 views

VulnCheck KEV: CVE-2014-4019

ZTE ZXV10 W300 router with firmware W300V1.0.0aZRDLK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0...

7.5CVSS7.1AI score0.12669EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
•added 2015/03/10 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-0072

Cross-site scripting XSS vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the Same Origin Policy and inject arbitrary web script or HTML via vectors involving an IFRAME element that triggers a redirect, a second IFRAME element that does not trigger a...

4.3CVSS5.9AI score0.71698EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/27 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-1642

Microsoft Office contains a memory corruption vulnerability that allows remote attackers to execute arbitrary code via a crafted document...

9.3CVSS6.2AI score0.53213EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/23 12:0 a.m.•4 views

VulnCheck KEV: CVE-2014-0311

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0299 and CVE-2014-0305...

9.3CVSS7.5AI score0.20501EPSS
Exploits3References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/23 12:0 a.m.•5 views

VulnCheck KEV: CVE-2014-6332

OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site...

9.3CVSS7.6AI score0.94996EPSS
Exploits39References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/23 12:0 a.m.•3 views

VulnCheck KEV: CVE-2013-2551

Use-after-free vulnerability in Microsoft Internet Explorer allows remote attackers to execute remote code via a crafted web site that triggers access to a deleted object...

9.3CVSS7.7AI score0.74096EPSS
Exploits9References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/17 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-1494

The FancyBox for WordPress plugin before 3.0.3 for WordPress does not properly restrict access, which allows remote attackers to conduct cross-site scripting XSS attacks via an mfbfw parameter in an update action to wp-admin/admin-post.php, as demonstrated by the mfbfwpadding parameter and...

4.3CVSS5.7AI score0.06407EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/10 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-0071

Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization ASLR protection mechanism via a crafted web site...

6.5CVSS5.8AI score0.33581EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/01 12:0 a.m.•4 views

VulnCheck KEV: CVE-2012-0159

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before...

9.3CVSS5.8AI score0.26816EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2015/02/01 12:0 a.m.•6 views

VulnCheck KEV: CVE-2013-3894

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in a TrueType font...

9.3CVSS6.2AI score0.43101EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/01/20 12:0 a.m.•5 views

VulnCheck KEV: CVE-2015-0311

Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code...

10CVSS7.5AI score0.8582EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
•added 2015/01/16 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-0310

Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization ASLR protection mechanism...

10CVSS6AI score0.15217EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2015/01/14 12:0 a.m.•3 views

VulnCheck KEV: CVE-2015-0313

Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code...

10CVSS7.5AI score0.95683EPSS
Exploits9References1
VulnCheck KEV
VulnCheck KEV
•added 2015/01/13 12:0 a.m.•4 views

VulnCheck KEV: CVE-2015-0016

Directory traversal vulnerability in the TS WebProxy TSWbPrxy component in Microsoft Windows allows remote attackers to escalate privileges...

9.3CVSS7.1AI score0.7594EPSS
Exploits5References1
VulnCheck KEV
VulnCheck KEV
•added 2015/01/06 12:0 a.m.•6 views

VulnCheck KEV: CVE-2013-3660

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft does not properly initialize a pointer for the next object in a certain list, which allows local users to gain privileges...

7.8CVSS7.3AI score0.39578EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
•added 2014/12/30 12:0 a.m.•2 views

VulnCheck KEV: CVE-2014-10021

Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/...

7.5CVSS6.2AI score0.59968EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2014/12/15 12:0 a.m.•3 views

VulnCheck KEV: CVE-2014-9735

The ThemePunch Slider Revolution revslider plugin before 3.0.96 for WordPress and Showbiz Pro plugin 1.7.1 and earlier for Wordpress does not properly restrict access to administrator AJAX functionality, which allows remote attackers to 1 upload and execute arbitrary files via an...

7.5CVSS6AI score0.75256EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2014/12/10 12:0 a.m.•2 views

VulnCheck KEV: CVE-2014-0751

The CIMPLICITY Web-based access component, CimWebServer, does not check the location of shell files being loaded into the system. By modifying the source location, an attacker could send shell code to the CimWebServer which would deploy the nefarious files as part of any SCADA project. This...

7.5CVSS5.8AI score0.03063EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
•added 2014/12/09 12:0 a.m.•3 views

VulnCheck KEV: CVE-2014-9163

Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely...

10CVSS6.2AI score0.20356EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2014/11/25 12:0 a.m.•5 views

VulnCheck KEV: CVE-2015-9499

The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive...

9.8CVSS7.7AI score0.14775EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
•added 2014/11/18 12:0 a.m.•6 views

VulnCheck KEV: CVE-2014-6324

The Kerberos Key Distribution Center KDC in Microsoft allows remote authenticated domain users to obtain domain administrator privileges...

9CVSS7.5AI score0.87448EPSS
Exploits8References1
VulnCheck KEV
VulnCheck KEV
•added 2014/11/11 12:0 a.m.•6 views

VulnCheck KEV: CVE-2014-4077

Microsoft Input Method Editor IME Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default with the default set as disabled. IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE IME for Japanese is installed which...

9.3CVSS5.8AI score0.47679EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2014/10/28 12:0 a.m.•4 views

VulnCheck KEV: CVE-2013-3163

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause a denial of service via a crafted website...

9.3CVSS7.4AI score0.70676EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEV
•added 2014/10/22 12:0 a.m.•5 views

VulnCheck KEV: CVE-2014-0556

Heap-based buffer overflow in Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK &...

10CVSS7.3AI score0.84178EPSS
Exploits7References1
VulnCheck KEV
VulnCheck KEV
•added 2014/10/22 12:0 a.m.•4 views

VulnCheck KEV: CVE-2014-6352

Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object...

9.3CVSS7.6AI score0.77553EPSS
Exploits11References1
VulnCheck KEV
VulnCheck KEV
•added 2014/10/14 12:0 a.m.•8 views

VulnCheck KEV: CVE-2014-4123

Microsoft Internet Explorer contains an unspecified vulnerability that allows remote attackers to gain privileges via a crafted web site...

8.8CVSS5.8AI score0.40289EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
•added 2014/10/14 12:0 a.m.•5 views

VulnCheck KEV: CVE-2014-4148

A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts...

9.3CVSS6.5AI score0.50703EPSS
Exploits0References1
Total number of security vulnerabilities4985