Skip to main content
CVE-2013-0629 HIGH POC KEV THREAT Act Now

Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Adobe Information Disclosure
NVD Exploit-DB VulDB
CVSS 3.1
7.5
EPSS
84.0%
Threat
7.0
CVE-2013-0631 HIGH KEV THREAT Act Now

Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 83.3%.

Adobe Information Disclosure
NVD VulDB
CVSS 3.1
7.5
EPSS
83.3%
Threat
5.5
CVE-2013-0006 HIGH Act Now

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 68.3% and no vendor patch available.

Microsoft RCE Xml Core Services Windows 7 Windows 8 +12
NVD
CVSS 3.1
8.8
EPSS
68.3%
CVE-2013-0005 HIGH Act Now

The WCF Replace function in the Open Data (aka OData) protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012,. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 65.3% and no vendor patch available.

Denial Of Service Microsoft Net Framework Management Odata Iis Extension
NVD
CVSS 2.0
7.8
EPSS
65.3%
CVE-2013-0008 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 17.6%.

Privilege Escalation Microsoft Windows Vista Windows Server 2008 Windows 7 +3
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
17.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy