Search
On this page ▾

KEV 2015

44 CISA Known Exploited Vulnerabilities from 2015

Critical 16

October 2025

CVE-2015-7755

Juniper ScreenOS — Juniper ScreenOS Improper Authentication Vulnerability

CVSS 9.8

April 2022

CVE-2015-0311

Adobe Flash Player — Adobe Flash Player Remote Code Execution Vulnerability

CVSS 9.8
CVE-2015-0313

Adobe Flash Player — Adobe Flash Player Use-After-Free Vulnerability

CVSS 9.8
CVE-2015-3113

Adobe Flash Player — Adobe Flash Player Heap-Based Buffer Overflow Vulnerability

CVSS 9.8
CVE-2015-5122

Adobe Flash Player — Adobe Flash Player Use-After-Free Vulnerability

CVSS 9.8
CVE-2015-5123

Adobe Flash Player — Adobe Flash Player Use-After-Free Vulnerability

CVSS 9.8

March 2022

CVE-2015-1187

D-Link and TRENDnet Multiple Devices — D-Link and TRENDnet Multiple Devices Remote Code Execution Vulnerability

CVSS 9.8
CVE-2015-1427

Elastic Elasticsearch — Elasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability

CVSS 9.8
CVE-2015-2590

Oracle Java SE — Oracle Java SE and Java SE Embedded Remote Code Execution Vulnerability

CVSS 9.8
CVE-2015-3043

Adobe Flash Player — Adobe Flash Player Memory Corruption Vulnerability

CVSS 9.8
CVE-2015-5119

Adobe Flash Player — Adobe Flash Player Use-After-Free Vulnerability

CVSS 9.8
CVE-2015-4068

Arcserve Unified Data Protection (UDP) — Arcserve Unified Data Protection (UDP) Directory Traversal Vulnerability

CVSS 9.1

February 2022

CVE-2015-1635

Microsoft HTTP.sys — Microsoft HTTP.sys Remote Code Execution Vulnerability

CVSS 9.8
CVE-2015-2051

D-Link DIR-645 Router — D-Link DIR-645 Router Remote Code Execution Vulnerability

CVSS 9.8

January 2022

CVE-2015-7450

IBM WebSphere Application Server and Server Hypervisor Edition — IBM WebSphere Application Server and Server Hypervisor Edition Code Injection.

CVSS 9.8

November 2021

CVE-2015-4852

Oracle WebLogic Server — Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability

CVSS 9.8

High 25

May 2023

CVE-2015-5317

Jenkins Jenkins User Interface (UI) — Jenkins User Interface (UI) Information Disclosure Vulnerability

CVSS 7.5

February 2023

CVE-2015-2291

Intel Ethernet Diagnostics Driver for Windows — Intel Ethernet Diagnostics Driver for Windows Denial-of-Service Vulnerability

CVSS 7.8

May 2022

CVE-2015-2360

Microsoft Win32k — Microsoft Win32k Privilege Escalation Vulnerability

CVSS 8.8
CVE-2015-2425

Microsoft Internet Explorer — Microsoft Internet Explorer Memory Corruption Vulnerability

CVSS 8.8
CVE-2015-4495

Mozilla Firefox — Mozilla Firefox Security Feature Bypass Vulnerability

CVSS 8.8
CVE-2015-8651

Adobe Flash Player — Adobe Flash Player Integer Overflow Vulnerability

CVSS 8.8
CVE-2015-0016

Microsoft Windows — Microsoft Windows TS WebProxy Directory Traversal Vulnerability

CVSS 7.8
CVE-2015-0310

Adobe Flash Player — Adobe Flash Player ASLR Bypass Vulnerability

CVSS 7.8
CVE-2015-1671

Microsoft Windows — Microsoft Windows Remote Code Execution Vulnerability

CVSS 7.8
CVE-2015-6175

Microsoft Windows — Microsoft Windows Kernel Privilege Escalation Vulnerability

CVSS 7.8

April 2022

CVE-2015-2502

Microsoft Internet Explorer — Microsoft Internet Explorer Memory Corruption Vulnerability

CVSS 8.8

March 2022

CVE-2015-1770

Microsoft Office — Microsoft Office Uninitialized Memory Use Vulnerability

CVSS 8.8
CVE-2015-2419

Microsoft Internet Explorer — Microsoft Internet Explorer Memory Corruption Vulnerability

CVSS 8.8
CVE-2015-2426

Microsoft Windows — Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability

CVSS 8.8
CVE-2015-2424

Microsoft PowerPoint — Microsoft PowerPoint Memory Corruption Vulnerability

CVSS 8.8
CVE-2015-2546

Microsoft Win32k — Microsoft Win32k Memory Corruption Vulnerability

CVSS 8.2
CVE-2015-1642

Microsoft Office — Microsoft Office Memory Corruption Vulnerability

CVSS 7.8
CVE-2015-1701

Microsoft Win32k — Microsoft Win32k Privilege Escalation Vulnerability

CVSS 7.8
CVE-2015-2387

Microsoft ATM Font Driver — Microsoft ATM Font Driver Privilege Escalation Vulnerability

CVSS 7.8
CVE-2015-2545

Microsoft Office — Microsoft Office Malformed EPS File Vulnerability

CVSS 7.8
CVE-2015-7645

Adobe Flash Player — Adobe Flash Player Arbitrary Code Execution Vulnerability

CVSS 7.8
CVE-2015-0666

Cisco Prime Data Center Network Manager (DCNM) — Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability

CVSS 7.5
CVE-2015-3035

TP-Link Multiple Archer Devices — TP-Link Multiple Archer Devices Directory Traversal Vulnerability

CVSS 7.5

February 2022

CVE-2015-1130

Apple OS X — Apple OS X Authentication Bypass Vulnerability

CVSS 7.8

November 2021

CVE-2015-1641

Microsoft Office — Microsoft Office Memory Corruption Vulnerability

CVSS 7.8

Medium 3

May 2022

CVE-2015-1769

Microsoft Windows — Microsoft Windows Mount Manager Privilege Escalation Vulnerability

CVSS 6.6
CVE-2015-0071

Microsoft Internet Explorer — Microsoft Internet Explorer ASLR Bypass Vulnerability

CVSS 6.5

March 2022

CVE-2015-4902

Oracle Java SE — Oracle Java SE Integrity Check Vulnerability

CVSS 5.3
Gavin Hollinger & AI assembled this air-gap friendly HTML