Skip to main content
CVE-2013-3897 HIGH POC KEV PATCH THREAT Act Now

Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft +1
NVD Exploit-DB VulDB
CVSS 3.1
8.8
EPSS
88.2%
Threat
7.4
CVE-2013-3861 HIGH Act Now

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 allows remote attackers to cause a denial of service (application crash or hang) via crafted character sequences in JSON data, aka. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 78.4% and no vendor patch available.

Denial Of Service Microsoft Net Framework
NVD
CVSS 2.0
7.8
EPSS
78.4%
CVE-2013-3860 HIGH Act Now

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5 SP1, 3.5.1, 4, and 4.5 does not properly parse a DTD during XML digital-signature validation, which allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 63.8% and no vendor patch available.

Denial Of Service Microsoft Net Framework
NVD
CVSS 2.0
7.8
EPSS
63.8%
CVE-2013-5967 HIGH POC THREAT Act Now

Multiple SQL injection vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 4.3 and earlier allow remote attackers to execute arbitrary SQL commands via the date_from. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.3%.

PHP SQLi Open Source Security Information Management
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
35.3%
Threat
4.1
CVE-2013-3881 HIGH POC THREAT Act Now

win32k.sys in the kernel-mode drivers in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a crafted application, aka "Win32k NULL Page Vulnerability.". Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 17.7%.

Information Disclosure Microsoft Windows 7
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
17.7%
CVE-2012-4412 HIGH POC THREAT Act Now

Integer overflow in string/strcoll_l.c in the GNU C Library (aka glibc or libc6) 2.17 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 18.7%.

Buffer Overflow Denial Of Service RCE Glibc
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
18.7%
CVE-2013-3894 HIGH Act Now

The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 27.0% and no vendor patch available.

Code Injection Microsoft RCE Windows 7 Windows 8 +6
NVD
CVSS 3.1
8.1
EPSS
27.0%
CVE-2013-4258 HIGH POC This Week

Format string vulnerability in the osLogMsg function in server/os/aulog.c in Network Audio System (NAS) 1.9.3 allows remote attackers to cause a denial of service (crash) and possibly execute. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Network Audio System
NVD
CVSS 2.0
7.5
EPSS
1.2%
CVE-2013-3888 HIGH This Week

dxgkrnl.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2008 Windows Vista
NVD
CVSS 3.1
8.4
EPSS
0.6%
CVE-2013-4385 HIGH PATCH This Week

Buffer overflow in the "read-string!" procedure in the "extras" unit in CHICKEN stable before 4.8.0.5 and development snapshots before 4.8.3 allows remote attackers to cause a denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow Denial Of Service RCE Chicken
NVD
CVSS 2.0
7.5
EPSS
2.7%
CVE-2013-3200 HIGH This Week

The USB drivers in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Microsoft RCE Windows 7 Windows 8 +6
NVD
CVSS 2.0
7.2
EPSS
0.5%
CVE-2013-3879 HIGH This Week

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Microsoft Windows 7 Windows 8 Windows Rt +5
NVD
CVSS 2.0
7.2
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy