Skip to main content
CVE-2013-0625 CRITICAL POC KEV THREAT Emergency

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Adobe Authentication Bypass RCE
NVD Exploit-DB VulDB
CVSS 3.1
9.8
EPSS
78.1%
Threat
7.3
CVE-2013-0003 CRITICAL Emergency

Buffer overflow in a System.DirectoryServices.Protocols (S.DS.P) namespace method in Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 61.3% and no vendor patch available.

Buffer Overflow Microsoft RCE Net Framework
NVD
CVSS 2.0
9.3
EPSS
61.3%
CVE-2013-0002 CRITICAL Emergency

Buffer overflow in the Windows Forms (aka WinForms) component in Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 61.2% and no vendor patch available.

Buffer Overflow Microsoft RCE Net Framework
NVD
CVSS 2.0
9.3
EPSS
61.2%
CVE-2013-0011 CRITICAL Emergency

The Print Spooler in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 36.3% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Windows 7 +1
NVD
CVSS 2.0
10.0
EPSS
36.3%
CVE-2013-0007 CRITICAL Act Now

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.2% and no vendor patch available.

Code Injection Microsoft RCE Xml Core Services Windows 7 +13
NVD
CVSS 2.0
9.3
EPSS
24.2%
CVE-2013-0004 CRITICAL Act Now

Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate the permissions of objects in memory, which allows remote attackers to execute arbitrary. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Microsoft RCE Net Framework
NVD
CVSS 2.0
9.3
EPSS
8.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy