CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 0CVE-2015-2550
https://notcve.org/view.php?id=CVE-2015-2550
14 Oct 2015 — The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability." El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10 permite a usuarios loca... • http://www.securitytracker.com/id/1033805 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 13%CPEs: 12EXPL: 2CVE-2015-2553 – Microsoft Windows 10 - Sandboxed Mount Reparse Point Creation Mitigation Bypass (MS15-111)
https://notcve.org/view.php?id=CVE-2015-2553
14 Oct 2015 — The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by leveraging certain sandbox access, aka "Windows Mount Point Elevation of Privilege Vulnerability." El kernel en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1... • https://packetstorm.news/files/id/133971 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 2CVE-2015-2554 – Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service / Privilege Escalation (MS15-111)
https://notcve.org/view.php?id=CVE-2015-2554
14 Oct 2015 — The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows Object Reference Elevation of Privilege Vulnerability." El kernel en Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold y R2, Windows RT Gold y 8.1 y Windows 10 permite a usuarios locales ganar privilegios a través de una aplicación manipulada, también conocido como 'Windows Object Reference Elevation of... • https://packetstorm.news/files/id/134180 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.2EPSS: 1%CPEs: 12EXPL: 2CVE-2015-2552 – Microsoft Trusted Boot Security Feature Bypass
https://notcve.org/view.php?id=CVE-2015-2552
14 Oct 2015 — The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows physically proximate attackers to bypass the Trusted Boot protection mechanism, and consequently interfere with the integrity of code, BitLocker, Device Encryption, and Device Health Attestation, via a crafted Boot Configuration Data (BCD) setting, aka "Trusted Boot Security Feature Bypass Vulnerability." El kernel en Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold y R2,... • https://packetstorm.news/files/id/133962 • CWE-254: 7PK - Security Features •
CVSS: 9.3EPSS: 23%CPEs: 11EXPL: 0CVE-2015-2530
https://notcve.org/view.php?id=CVE-2015-2530
09 Sep 2015 — Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE Vulnerability," a different vulnerability than CVE-2015-2513 and CVE-2015-2514. Vulnerabilidad en Windows Journal en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.... • http://www.securitytracker.com/id/1033484 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 23%CPEs: 11EXPL: 0CVE-2015-2514
https://notcve.org/view.php?id=CVE-2015-2514
09 Sep 2015 — Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE Vulnerability," a different vulnerability than CVE-2015-2513 and CVE-2015-2530. Vulnerabilidad en Windows Journal en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.... • http://www.securitytracker.com/id/1033484 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 28%CPEs: 11EXPL: 0CVE-2015-2519
https://notcve.org/view.php?id=CVE-2015-2519
09 Sep 2015 — Integer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal Integer Overflow RCE Vulnerability." Vulnerabilidad de desbordamiento de entero en Windows Journal en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8... • http://www.securitytracker.com/id/1033484 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 23%CPEs: 11EXPL: 0CVE-2015-2513
https://notcve.org/view.php?id=CVE-2015-2513
09 Sep 2015 — Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka "Windows Journal RCE Vulnerability," a different vulnerability than CVE-2015-2514 and CVE-2015-2530. Vulnerabilidad en Windows Journal en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.... • http://www.securitytracker.com/id/1033484 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 0CVE-2015-2506
https://notcve.org/view.php?id=CVE-2015-2506
09 Sep 2015 — atmfd.dll in the Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to cause a denial of service (system crash) via a crafted OpenType font, aka "OpenType Font Parsing Vulnerability." Vulnerabilidad en atmfd.dll en Adobe Type Manager Library en Microsoft Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8... • http://www.securityfocus.com/bid/76563 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 14%CPEs: 7EXPL: 2CVE-2015-2527 – Microsoft Windows - NtUserGetClipboardAccessToken Token Leak (MS15-023)
https://notcve.org/view.php?id=CVE-2015-2527
09 Sep 2015 — The process-initialization implementation in win32k.sys in the kernel-mode drivers in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." Vulnerabilidad en la implementación process-initialization en win32k.sys en los controladores kernel-mode en Microsoft Windows 8, Windows 8.1, Wind... • https://packetstorm.news/files/id/133607 • CWE-264: Permissions, Privileges, and Access Controls •