Skip to main content
CVE-2013-3163 HIGH POC KEV PATCH THREAT Act Now

Internet Explorer 8 through 10 contain a memory corruption vulnerability allowing remote code execution via crafted websites, used in targeted attacks against defense and aerospace organizations in 2013.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft
NVD Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
82.9%
Threat
9.2
CVE-2013-2115 HIGH POC PATCH THREAT Act Now

Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 87.6%.

Code Injection Apache RCE Struts
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
87.6%
Threat
5.7
CVE-2013-1300 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 27.2%.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows Rt +5
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
27.2%
CVE-2013-3129 HIGH Act Now

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 51.7% and no vendor patch available.

Code Injection Microsoft RCE Net Framework Lync +12
NVD
CVSS 3.1
7.8
EPSS
51.7%
CVE-2013-2784 HIGH POC THREAT Act Now

Triangle Research International (aka Tri) Nano-10 PLC devices with firmware before r81 use an incorrect algorithm for bounds checking of data in Modbus/TCP packets, which allows remote attackers to. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 22.7%.

Denial Of Service Nano 10 Plc Firmware Nano 10 Plc
NVD Exploit-DB
CVSS 2.0
7.8
EPSS
22.7%
CVE-2013-1340 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 3.1
8.4
EPSS
1.0%
CVE-2013-1345 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 2.0
7.2
EPSS
3.1%
CVE-2013-2871 HIGH This Week

Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the handling of. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2013-3173 HIGH This Week

Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 2.0
7.2
EPSS
2.6%
CVE-2013-2873 HIGH This Week

Use-after-free vulnerability in Google Chrome before 28.0.1500.71 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a 404 HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Debian Linux Chrome
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2013-2867 HIGH This Week

Google Chrome before 28.0.1500.71 does not properly prevent pop-under windows, which allows remote attackers to have an unspecified impact via a crafted web site. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Google Microsoft Chrome Debian Linux
NVD
CVSS 2.0
7.5
EPSS
0.7%
CVE-2013-2880 HIGH This Week

Multiple unspecified vulnerabilities in Google Chrome before 28.0.1500.71 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Google Chrome
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2013-3167 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 does not properly handle. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Information Disclosure Microsoft Windows 7 Windows Server 2003 +3
NVD
CVSS 2.0
7.2
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy