Skip to main content
CVE-2012-3569 CRITICAL POC PATCH THREAT Act Now

Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 80.6%.

VMware Microsoft RCE Ovf Tool Workstation +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
80.6%
Threat
5.8
CVE-2012-2543 CRITICAL Emergency

Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 65.9% and no vendor patch available.

Buffer Overflow Microsoft RCE Excel Excel Viewer +2
NVD
CVSS 2.0
9.3
EPSS
65.9%
CVE-2012-1885 CRITICAL Emergency

Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 65.9% and no vendor patch available.

Buffer Overflow Microsoft RCE Excel Office +1
NVD
CVSS 2.0
9.3
EPSS
65.9%
CVE-2012-1886 CRITICAL Emergency

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 62.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Excel +2
NVD
CVSS 2.0
9.3
EPSS
62.1%
CVE-2012-1887 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 58.3% and no vendor patch available.

Denial Of Service Microsoft RCE Excel Office
NVD
CVSS 2.0
9.3
EPSS
58.3%
CVE-2012-1528 CRITICAL Emergency

Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 47.4% and no vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows Server 2003 +4
NVD
CVSS 2.0
9.3
EPSS
47.4%
CVE-2012-1527 CRITICAL Emergency

Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 47.4% and no vendor patch available.

Information Disclosure Microsoft Windows 7 Windows 8 Windows Server 2003 +4
NVD
CVSS 2.0
9.3
EPSS
47.4%
CVE-2012-4776 CRITICAL Emergency

The Web Proxy Auto-Discovery (WPAD) functionality in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not validate configuration data that is returned during acquisition of proxy. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.0% and no vendor patch available.

Microsoft RCE Net Framework
NVD
CVSS 2.0
9.3
EPSS
45.0%
CVE-2012-1538 CRITICAL Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CFormElement Use After Free Vulnerability.". Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.2% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
14.2%
CVE-2012-4777 CRITICAL Act Now

The code-optimization feature in the reflection implementation in Microsoft .NET Framework 4 and 4.5 does not properly enforce object permissions, which allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 10.2% and no vendor patch available.

Privilege Escalation Microsoft RCE Net Framework
NVD
CVSS 2.0
9.3
EPSS
10.2%
CVE-2012-4953 CRITICAL Act Now

The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Denial Of Service RCE Antivirus Endpoint Protection +1
NVD
CVSS 2.0
9.3
EPSS
9.5%
CVE-2012-1895 CRITICAL Act Now

The reflection implementation in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5.1, and 4 does not properly enforce object permissions, which allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft RCE Net Framework
NVD
CVSS 2.0
9.3
EPSS
9.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy