Skip to main content
CVE-2013-0074 HIGH POC KEV PATCH THREAT Act Now

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Microsoft RCE
NVD Exploit-DB VulDB
CVSS 3.1
7.8
EPSS
93.1%
Threat
7.4
CVE-2013-0085 HIGH Act Now

Buffer overflow in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to cause a denial of service (W3WP process crash and site outage) via a crafted URL,. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 70.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
7.8
EPSS
70.1%
CVE-2013-0079 CRITICAL Emergency

Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.5% and no vendor patch available.

Microsoft RCE Office Filter Pack Visio Visio Viewer
NVD
CVSS 2.0
9.3
EPSS
59.5%
CVE-2013-1288 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0094 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0093 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0089 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-0087 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 59.1% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
59.1%
CVE-2013-1469 MEDIUM POC THREAT This Month

Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 51.6%.

PHP Path Traversal Piwigo
NVD Exploit-DB
CVSS 2.0
4.0
EPSS
51.6%
CVE-2013-0092 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
42.3%
CVE-2013-0080 HIGH Act Now

Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allow remote attackers to bypass intended read restrictions for content, and hijack user accounts, via a crafted URL, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 50.3% and no vendor patch available.

Privilege Escalation Microsoft Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
7.5
EPSS
50.3%
CVE-2013-0091 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 39.5% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
39.5%
CVE-2013-0088 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 39.5% and no vendor patch available.

Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
39.5%
CVE-2013-0090 HIGH POC THREAT Act Now

Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 18.8%.

Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
18.8%
CVE-2013-2558 CRITICAL Act Now

Unspecified vulnerability in Microsoft Windows 8 allows remote attackers to cause a denial of service (reboot) or possibly have unknown other impact via a crafted TrueType Font (TTF) file, as. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 23.8% and no vendor patch available.

Denial Of Service Microsoft Windows 8
NVD
CVSS 2.0
10.0
EPSS
23.8%
CVE-2013-0084 HIGH Act Now

Directory traversal vulnerability in Microsoft SharePoint Server 2010 SP1 and SharePoint Foundation 2010 SP1 allows remote attackers to bypass intended read restrictions for content, and hijack user. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 33.0% and no vendor patch available.

Path Traversal Microsoft Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
7.5
EPSS
33.0%
CVE-2013-0083 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via crafted content, leading to administrative command. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.1% and no vendor patch available.

Microsoft XSS Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
4.3
EPSS
44.1%
CVE-2013-1375 CRITICAL Act Now

Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

Google Buffer Overflow Adobe Microsoft RCE +5
NVD
CVSS 2.0
10.0
EPSS
10.6%
CVE-2013-0086 MEDIUM This Month

Microsoft OneNote 2010 SP1 does not properly determine buffer sizes during memory allocation, which allows remote attackers to obtain sensitive information via a crafted OneNote file, aka "Buffer. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 34.2% and no vendor patch available.

Buffer Overflow Microsoft Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
5.0
EPSS
34.2%
CVE-2013-0095 MEDIUM This Month

Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 29.3% and no vendor patch available.

Information Disclosure Apple Microsoft Office
NVD
CVSS 2.0
5.0
EPSS
29.3%
CVE-2013-0646 CRITICAL Act Now

Integer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Google Microsoft RCE Flash Player +4
NVD
CVSS 2.0
10.0
EPSS
3.9%
CVE-2013-1371 CRITICAL Act Now

Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before 11.1.111.44 on Android 2.x and 3.x, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Denial Of Service Buffer Overflow Adobe Microsoft +6
NVD
CVSS 2.0
10.0
EPSS
3.7%
CVE-2013-0650 CRITICAL Act Now

Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X, before 10.3.183.68 and 11.x before 11.2.202.275 on Linux, before. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Google Microsoft RCE Flash Player +4
NVD
CVSS 2.0
10.0
EPSS
3.6%
CVE-2013-1287 HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE Windows Xp Windows Server 2003 +5
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-1286 HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE Windows Xp Windows Server 2003 +5
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-1285 HIGH This Week

The USB kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft RCE Windows Xp Windows Server 2003 +5
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-0312 MEDIUM This Month

389 Directory Server before 1.3.0.4 allows remote attackers to cause a denial of service (crash) via a zero length LDAP control sequence. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service 389 Directory Server
NVD
CVSS 2.0
5.0
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy