CVE-2015-4495
- EPSS 69.92%
- Published 08.08.2015 00:59:04
- Last modified 30.07.2025 03:15:45
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript...
CVE-2015-1283
- EPSS 0.63%
- Published 23.07.2015 00:59:12
- Last modified 12.04.2025 10:46:40
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspec...
- EPSS 64.62%
- Published 16.07.2015 10:59:17
- Last modified 12.04.2025 10:46:40
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability th...
- EPSS 45.2%
- Published 14.07.2015 10:59:01
- Last modified 12.04.2025 10:46:40
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and 12...
- EPSS 92.58%
- Published 14.07.2015 10:59:00
- Last modified 12.04.2025 10:46:40
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x through 18.0.0.203 on Windows and OS X, 11.x through 11.2.202.481 on Linux, and...
- EPSS 93.27%
- Published 08.07.2015 14:59:05
- Last modified 21.04.2025 15:09:01
Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attacker...
- EPSS 0.95%
- Published 06.07.2015 02:01:07
- Last modified 12.04.2025 10:46:40
The YCbCrImageDataDeserializer::ToDataSourceSurface function in the YCbCr implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, wh...
- EPSS 0.95%
- Published 06.07.2015 02:01:06
- Last modified 12.04.2025 10:46:40
The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecifi...
- EPSS 0.95%
- Published 06.07.2015 02:01:03
- Last modified 12.04.2025 10:46:40
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, whic...
- EPSS 92.91%
- Published 23.06.2015 21:59:01
- Last modified 12.04.2025 10:46:40
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in...