VYPR

Vendor CVEs

Microsoft

All CVEs

14,247 total · sorted by risk
  • CVE-2015-2414Jul 14, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 8 through 11 allows remote attackers to obtain sensitive browsing-history information via vectors related to image caching, aka "Internet Explorer Information Disclosure Vulnerability."

  • CVE-2015-2413Jul 14, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted module-resource request, aka "Internet Explorer Information Disclosure Vulnerability."

  • CVE-2015-2412Jul 14, 2015
    risk 0.01cvss epss 0.18

    Microsoft Internet Explorer 10 and 11 allows remote attackers to read arbitrary local files via a crafted pathname, aka "Internet Explorer Information Disclosure Vulnerability."

  • CVE-2015-2411Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and…

  • CVE-2015-2410Jul 14, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 6 through 11 allows remote attackers to determine the existence of local files via a crafted stylesheet, aka "Internet Explorer Information Disclosure Vulnerability."

  • CVE-2015-2406Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385,…

  • CVE-2015-2404Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385,…

  • CVE-2015-2403Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

  • CVE-2015-2402Jul 14, 2015
    risk 0.01cvss epss 0.12

    Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."

  • CVE-2015-2401Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1767 and…

  • CVE-2015-2398Jul 14, 2015
    risk 0.01cvss epss 0.12

    Microsoft Internet Explorer 8 through 11 allows remote attackers to bypass the XSS filter via a crafted attribute of an element in an HTML document, aka "Internet Explorer XSS Filter Bypass Vulnerability."

  • CVE-2015-2397Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385,…

  • CVE-2015-2391Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

  • CVE-2015-2390Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2385,…

  • CVE-2015-2389Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1733 and…

  • CVE-2015-2388Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1738.

  • CVE-2015-2385Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2390,…

  • CVE-2015-2384Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2383 and CVE-2015-2425.

  • CVE-2015-2383Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2384 and CVE-2015-2425.

  • CVE-2015-2380Jul 14, 2015
    risk 0.01cvss epss 0.14

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, and Word 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2015-2379Jul 14, 2015
    risk 0.01cvss epss 0.14

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office…

  • CVE-2015-2378Jul 14, 2015
    risk 0.01cvss epss 0.06

    Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Microsoft Excel DLL Remote Code Execution…

  • CVE-2015-2377Jul 14, 2015
    risk 0.01cvss epss 0.14

    Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption…

  • CVE-2015-2376Jul 14, 2015
    risk 0.01cvss epss 0.16

    Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint…

  • CVE-2015-2375Jul 14, 2015
    risk 0.01cvss epss 0.14

    Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka…

  • CVE-2015-2369Jul 14, 2015
    risk 0.01cvss epss 0.10

    Untrusted search path vulnerability in Windows Media Device Manager in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as…

  • CVE-2015-2368Jul 14, 2015
    risk 0.01cvss epss 0.08

    Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Windows DLL Remote Code…

  • CVE-2015-1767Jul 14, 2015
    risk 0.01cvss epss 0.18

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2401 and…

  • CVE-2015-1738Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2388.

  • CVE-2015-1733Jul 14, 2015
    risk 0.01cvss epss 0.13

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2389 and…

  • CVE-2015-1729Jul 14, 2015
    risk 0.01cvss epss 0.15

    Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerability."

  • CVE-2015-3097Jun 10, 2015
    risk 0.01cvss epss 0.12

    Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160, Adobe AIR before 18.0.0.144, Adobe AIR SDK before 18.0.0.144, and Adobe AIR SDK & Compiler before 18.0.0.144 on 64-bit Windows 7 systems do not properly select a random memory address for the Flash…

  • CVE-2015-2359Jun 10, 2015
    risk 0.01cvss epss 0.11

    Cross-site scripting (XSS) vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Exchange HTML Injection Vulnerability."

  • CVE-2015-1766Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735,…

  • CVE-2015-1765Jun 10, 2015
    risk 0.01cvss epss 0.14

    Microsoft Internet Explorer 9 through 11 allows remote attackers to read the browser history via a crafted web site.

  • CVE-2015-1764Jun 10, 2015
    risk 0.01cvss epss 0.14

    The web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allow remote attackers to bypass the Same Origin Policy and send HTTP traffic to intranet servers via a crafted request, related to a Server-Side Request Forgery (SSRF) issue, aka "Exchange…

  • CVE-2015-1760Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Office Compatibility Pack SP3, Office 2010 SP2, Office 2013 SP1, and Office 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2015-1759Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2015-1757Jun 10, 2015
    risk 0.01cvss epss 0.11

    Cross-site scripting (XSS) vulnerability in adfs/ls in Active Directory Federation Services (AD FS) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 allows remote attackers to inject arbitrary web script or HTML via the wct parameter, aka "ADFS XSS Elevation of…

  • CVE-2015-1756Jun 10, 2015
    risk 0.01cvss epss 0.18

    Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows user-assisted remote attackers to execute…

  • CVE-2015-1754Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

  • CVE-2015-1753Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1742,…

  • CVE-2015-1752Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1741.

  • CVE-2015-1751Jun 10, 2015
    risk 0.01cvss epss 0.17

    Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."

  • CVE-2015-1748Jun 10, 2015
    risk 0.01cvss epss 0.15

    Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1743.

  • CVE-2015-1744Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735,…

  • CVE-2015-1743Jun 10, 2015
    risk 0.01cvss epss 0.14

    Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-1748.

  • CVE-2015-1742Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1732, CVE-2015-1747,…

  • CVE-2015-1741Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1752.

  • CVE-2015-1740Jun 10, 2015
    risk 0.01cvss epss 0.16

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1735,…

Page 237 of 285