Microsoft: >> Windows >> server_2008 Security Vulnerabilities
The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles.
CVSS Score
3.0
EPSS Score
0.011
Published
2016-05-05
The Mozilla Maintenance Service updater in Mozilla Firefox before 46.0 on Windows allows user-assisted remote attackers to delete arbitrary files by leveraging certain local file execution.
CVSS Score
5.5
EPSS Score
0.008
Published
2016-04-30
Double free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via a crafted Graphics State dictionary.
CVSS Score
8.8
EPSS Score
0.033
Published
2016-04-30
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information, cause a denial of service (crash), or gain privileges via unspecified vectors related to an untrusted pointer, which trigger uninitialized or out-of-bounds memory access.
CVSS Score
8.4
EPSS Score
0.001
Published
2016-04-12
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows allows local users to obtain sensitive information from kernel memory, cause a denial of service (crash), or possibly gain privileges via unspecified vectors, which trigger uninitialized or out-of-bounds memory access.
CVSS Score
8.4
EPSS Score
0.0
Published
2016-04-12
The Escape interface in the Kernel Mode Driver layer in the NVIDIA GPU graphics driver R340 before 341.95 and R352 before 354.74 on Windows improperly allows access to restricted functionality, which allows local users to gain privileges via unspecified vectors.
CVSS Score
7.8
EPSS Score
0.0
Published
2016-04-12
Incomplete blacklist vulnerability in the servlet filter restriction mechanism in WildFly (formerly JBoss Application Server) before 10.0.0.Final on Windows allows remote attackers to read the sensitive files in the (1) WEB-INF or (2) META-INF directory via a request that contains (a) lowercase or (b) "meaningless" characters.
CVSS Score
7.5
EPSS Score
0.248
Published
2016-04-01
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file.
CVSS Score
7.8
EPSS Score
0.001
Published
2016-03-28
Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVSS Score
5.5
EPSS Score
0.006
Published
2016-03-13
Race condition in libvpx in Mozilla Firefox before 45.0 on Windows might allow remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via unknown vectors.
CVSS Score
8.8
EPSS Score
0.007
Published
2016-03-13