CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 0CVE-2015-1702
https://notcve.org/view.php?id=CVE-2015-1702
13 May 2015 — The Service Control Manager (SCM) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Service Control Manager Elevation of Privilege Vulnerability." Service Control Manager (SCM) en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows S... • http://www.securityfocus.com/bid/74492 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 17%CPEs: 12EXPL: 0CVE-2015-1716
https://notcve.org/view.php?id=CVE-2015-1716
13 May 2015 — Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict Diffie-Hellman Ephemeral (DHE) key lengths, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors, aka "Schannel Information Disclosure Vulnerability." Schannel en Microsoft Windows Server 2003 SP2, Windows Vista SP2, Window... • http://www.securityfocus.com/bid/74489 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 5%CPEs: 12EXPL: 1CVE-2015-1676 – Microsoft Windows NtUserGetTitleBarInfo Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-1676
12 May 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1677, CVE-2015-1678, CVE-2015-1679, and CVE-2015-1680. Los controladores de modo de kernel en Microsoft ... • https://www.exploit-db.com/exploits/37049 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 5%CPEs: 12EXPL: 1CVE-2015-1677 – Microsoft Windows NtUserGetScrollBarInfo Stack Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-1677
12 May 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1678, CVE-2015-1679, and CVE-2015-1680. Los controladores de modo de kernel en Microsoft ... • https://www.exploit-db.com/exploits/37049 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 5%CPEs: 12EXPL: 1CVE-2015-1678 – Microsoft Windows NtUserGetComboBoxInfo Stack Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-1678
12 May 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1679, and CVE-2015-1680. Los controladores de modo de kernel en Microsoft ... • https://www.exploit-db.com/exploits/37049 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 6%CPEs: 12EXPL: 1CVE-2015-1679 – Microsoft Windows NtUserGetMessage Stack Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-1679
12 May 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1680. Los controladores de modo de kernel en Microsoft ... • https://www.exploit-db.com/exploits/37049 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 5%CPEs: 12EXPL: 1CVE-2015-1680 – Microsoft Windows NtUserRealInternalGetMessage Stack Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-1680
12 May 2015 — The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to bypass the ASLR protection mechanism via a crafted function call, aka "Microsoft Windows Kernel Memory Disclosure Vulnerability," a different vulnerability than CVE-2015-1676, CVE-2015-1677, CVE-2015-1678, and CVE-2015-1679. Los controladores de modo de kernel en Microsoft ... • https://www.exploit-db.com/exploits/37049 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 90%CPEs: 5EXPL: 6CVE-2015-1701 – Microsoft Win32k Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2015-1701
21 Apr 2015 — Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." Win32k.sys en los controladores kernel-mode en Microsoft Windows Server 2003 SP2, Vista SP2 y Server 2008 SP2 permite a usuarios locales obtener privilegios a través de una aplicación manipulada, tal y como se explota activamente en Abril de 2015, t... • https://packetstorm.news/files/id/132403 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 0CVE-2015-1643
https://notcve.org/view.php?id=CVE-2015-1643
14 Apr 2015 — Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "NtCreateTransactionManager Type Confusion Vulnerability." Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server ... • http://www.securitytracker.com/id/1032113 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 2%CPEs: 13EXPL: 0CVE-2015-1644
https://notcve.org/view.php?id=CVE-2015-1644
14 Apr 2015 — Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows MS-DOS Device Name Vulnerability." Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 y R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold y R... • http://www.securityfocus.com/bid/73998 • CWE-264: Permissions, Privileges, and Access Controls •