Skip to main content
CVE-2013-3184 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 78.9%.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
78.9%
Threat
5.7
CVE-2013-3182 HIGH Act Now

The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processing of ICMP packets, which allows remote attackers to cause. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 88.8% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft Windows Server 2012
NVD
CVSS 2.0
7.8
EPSS
88.8%
Threat
4.2
CVE-2013-3183 HIGH Act Now

The TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly perform memory allocation. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 81.5% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft Windows 7 Windows 8 +4
NVD
CVSS 2.0
7.8
EPSS
81.5%
Threat
4.0
CVE-2013-3175 CRITICAL Emergency

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 66.2% and no vendor patch available.

Privilege Escalation Microsoft RCE Windows 7 Windows 8 +6
NVD
CVSS 2.0
10.0
EPSS
66.2%
Threat
4.0
CVE-2013-3181 CRITICAL Emergency

usp10.dll in the Unicode Scripts Processor in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 44.5% and no vendor patch available.

Buffer Overflow Microsoft RCE Windows Server 2003 Windows Xp
NVD
CVSS 2.0
9.3
EPSS
44.5%
CVE-2013-3191 CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3190 CRITICAL Emergency

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3199 CRITICAL Act Now

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3194 CRITICAL Act Now

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3193 CRITICAL Act Now

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3187 CRITICAL Act Now

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3189 CRITICAL Act Now

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 26.9% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
26.9%
CVE-2013-3188 CRITICAL Act Now

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 26.9% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
26.9%
CVE-2013-2126 HIGH POC PATCH This Week

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service RCE Libraw Ubuntu Linux Opensuse
NVD GitHub
CVSS 2.0
7.5
EPSS
3.2%
CVE-2013-4879 HIGH POC PATCH This Week

SQL injection vulnerability in core/inc/bigtree/cms.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to index.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

PHP SQLi Bigtree Cms
NVD Exploit-DB GitHub
CVSS 2.0
7.5
EPSS
1.1%
CVE-2013-5121 HIGH POC This Week

SQL injection vulnerability in PHPFox before 3.6.0 (build6) allows remote attackers to execute arbitrary SQL commands via the search[sort_by] parameter to user/browse/view_/. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Phpfox
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.9%
CVE-2013-5120 HIGH POC This Week

SQL injection vulnerability in PHPFox before 3.6.0 (build4) allows remote attackers to execute arbitrary SQL commands via the search[gender] parameter to user/browse/view_/. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Phpfox
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
0.9%
CVE-2013-2127 HIGH POC PATCH This Week

Buffer overflow in the exposure correction code in LibRaw before 0.15.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Buffer Overflow Denial Of Service RCE Libraw
NVD GitHub
CVSS 2.0
7.5
EPSS
0.9%
CVE-2013-3185 MEDIUM This Month

Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 allows remote attackers to obtain. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.9% and no vendor patch available.

Information Disclosure Microsoft Active Directory Federation Services
NVD
CVSS 2.0
5.0
EPSS
30.9%
CVE-2013-3186 HIGH Act Now

The Protected Mode feature in Microsoft Internet Explorer 7 through 10 on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Epss exploitation probability 16.0% and no vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
7.6
EPSS
16.0%
CVE-2013-4880 MEDIUM POC PATCH This Month

Cross-site scripting (XSS) vulnerability in core/admin/modules/developer/modules/views/add.php in BigTree CMS 4.0 RC2 and earlier allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

PHP XSS Bigtree Cms
NVD Exploit-DB GitHub
CVSS 2.0
4.3
EPSS
4.5%
CVE-2013-3192 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to inject arbitrary web script or HTML via crafted character sequences with EUC-JP. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.2% and no vendor patch available.

Microsoft XSS Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
18.2%
CVE-2013-3198 HIGH This Week

The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Windows 7 Windows 8 +4
NVD
CVSS 2.0
7.2
EPSS
1.2%
CVE-2013-3197 HIGH This Week

The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Windows 7 Windows 8 +4
NVD
CVSS 2.0
7.2
EPSS
1.2%
CVE-2013-3196 HIGH This Week

The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Microsoft Windows 7 Windows 8 +4
NVD
CVSS 2.0
7.2
EPSS
1.2%
CVE-2013-2078 MEDIUM This Month

Xen 4.0.2 through 4.0.4, 4.1.x, and 4.2.x allows local PV guest users to cause a denial of service (hypervisor crash) via certain bit combinations to the XSETBV instruction. Rated medium severity (CVSS 4.7). No vendor patch available.

Denial Of Service Xen
NVD
CVSS 2.0
4.7
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy