CVSS: 7.3EPSS: 20%CPEs: 13EXPL: 2CVE-2015-6101 – Microsoft Windows - Race Condition DestroySMWP Use-After-Free (MS15-115)
https://notcve.org/view.php?id=CVE-2015-6101
11 Nov 2015 — The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-6100. El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server ... • https://packetstorm.news/files/id/134518 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 3%CPEs: 13EXPL: 2CVE-2015-6102 – Microsoft Windows - Cursor Object Memory Leak (MS15-115)
https://notcve.org/view.php?id=CVE-2015-6102
11 Nov 2015 — The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability." El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Wi... • https://packetstorm.news/files/id/134519 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 1%CPEs: 7EXPL: 0CVE-2015-6111
https://notcve.org/view.php?id=CVE-2015-6111
11 Nov 2015 — IPSec in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles encryption negotiation, which allows remote authenticated users to cause a denial of service (system hang) via crafted IP traffic, aka "Windows IPSec Denial of Service Vulnerability." IPSec en Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10 Gold y 1511 no maneja correctamente la negociación de cifrado, lo que permite ... • http://www.securitytracker.com/id/1034123 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 56%CPEs: 13EXPL: 3CVE-2015-6104 – Microsoft Windows Kernel - 'win32k.sys' Malformed TrueType Program TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
https://notcve.org/view.php?id=CVE-2015-6104
11 Nov 2015 — The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6103. Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Wi... • https://packetstorm.news/files/id/134398 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 56%CPEs: 13EXPL: 3CVE-2015-6103 – Microsoft Windows Kernel - 'win32k.sys' Malformed OS/2 Table TTF Font Processing Pool-Based Buffer Overflow (MS15-115)
https://notcve.org/view.php?id=CVE-2015-6103
11 Nov 2015 — The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted embedded font, aka "Windows Graphics Memory Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-6104. Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Wi... • https://packetstorm.news/files/id/134397 • CWE-20: Improper Input Validation •
CVSS: 7.3EPSS: 3%CPEs: 13EXPL: 0CVE-2015-2478
https://notcve.org/view.php?id=CVE-2015-2478
11 Nov 2015 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application that triggers a Winsock call referencing an invalid address, aka "Winsock Elevation of Privilege Vulnerability." Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT G... • http://www.securitytracker.com/id/1034121 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 2%CPEs: 5EXPL: 0CVE-2015-6109
https://notcve.org/view.php?id=CVE-2015-6109
11 Nov 2015 — The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulnerability." El kernel en Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1 y Windows 10 Gold y 1511 permite a usuarios locales eludir el mecanismo de protección KASLR, y en consecuencia descubrir una dir... • http://www.securitytracker.com/id/1034114 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.1EPSS: 0%CPEs: 13EXPL: 0CVE-2015-6113 – Microsoft Windows Hardlink Permission Issue
https://notcve.org/view.php?id=CVE-2015-6113
11 Nov 2015 — The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesystem permissions by leveraging Low Integrity access, aka "Windows Kernel Security Feature Bypass Vulnerability." El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Wind... • http://www.securitytracker.com/id/1034114 • CWE-254: 7PK - Security Features •
CVSS: 7.2EPSS: 11%CPEs: 12EXPL: 2CVE-2015-2553 – Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)
https://notcve.org/view.php?id=CVE-2015-2553
14 Oct 2015 — The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by leveraging certain sandbox access, aka "Windows Mount Point Elevation of Privilege Vulnerability." El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1... • https://packetstorm.news/files/id/133971 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 2CVE-2015-2554 – Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service / Privilege Escalation (MS15-111)
https://notcve.org/view.php?id=CVE-2015-2554
14 Oct 2015 — The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows Object Reference Elevation of Privilege Vulnerability." El kernel en Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10 permite a usuarios locales ganar privilegios a través de una aplicación manipulada, también conocido como 'Windows Object Reference Elevation of... • https://packetstorm.news/files/id/134180 • CWE-264: Permissions, Privileges, and Access Controls •