Skip to main content
CVE-2014-1201 CRITICAL POC THREAT Emergency

Buffer overflow in the INetViewX ActiveX control in the Lorex Edge LH310 and Edge+ LH320 series with firmware 7-35-28-1B26E, Edge2 LH330 series with firmware 11.17.38-33_1D97A, and Edge3 LH340 series. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 23.2%.

Buffer Overflow Denial Of Service RCE Edge Lh310 Firmware Edge +5
NVD GitHub Exploit-DB
CVSS 2.0
10.0
EPSS
23.2%
Threat
4.2
CVE-2014-0260 CRITICAL Emergency

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 37.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +5
NVD
CVSS 2.0
9.3
EPSS
37.2%
CVE-2014-0258 CRITICAL Emergency

Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 33.4% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +2
NVD
CVSS 2.0
9.3
EPSS
33.4%
CVE-2014-0259 CRITICAL Emergency

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.3% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +1
NVD
CVSS 2.0
9.3
EPSS
30.3%
CVE-2013-5907 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 16.6% and no vendor patch available.

Denial Of Service Java Oracle RCE Jdk +2
NVD
CVSS 2.0
10.0
EPSS
16.6%
CVE-2014-0493 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.6% and no vendor patch available.

Denial Of Service Buffer Overflow Adobe Microsoft RCE +1
NVD
CVSS 2.0
10.0
EPSS
12.6%
CVE-2014-0428 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
8.1%
CVE-2014-0422 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
8.1%
CVE-2014-0417 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre +1
NVD
CVSS 2.0
9.3
EPSS
9.2%
CVE-2014-0415 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
5.4%
CVE-2014-0410 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
10.0
EPSS
5.4%
CVE-2014-0495 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.9 and 11.x before 11.0.06 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Adobe Microsoft RCE +1
NVD
CVSS 2.0
10.0
EPSS
4.9%
CVE-2013-5893 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
7.0%
CVE-2014-0492 CRITICAL PATCH Act Now

Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Adobe Microsoft Flash Player Adobe Air Sdk +1
NVD
CVSS 2.0
10.0
EPSS
3.2%
CVE-2013-5889 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre Jdk
NVD
CVSS 2.0
9.3
EPSS
6.0%
CVE-2014-0491 CRITICAL PATCH Act Now

Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Adobe Microsoft Flash Player Adobe Air Sdk +1
NVD
CVSS 2.0
10.0
EPSS
2.2%
CVE-2014-0408 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jre
NVD
CVSS 2.0
9.3
EPSS
4.3%
CVE-2013-2820 CRITICAL Act Now

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to reprogram the firmware via a replay attack using UDP ports 17336 and 17388. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Raven X Ev Do Firmware Airlink Mp At T Airlink Mp At T Wifi Airlink Mp Bell +15
NVD
CVSS 2.0
10.0
EPSS
0.0%
CVE-2014-0385 CRITICAL Act Now

Unspecified vulnerability in Oracle Java SE 7u45, when installing on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Java Oracle Information Disclosure Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
1.6%
CVE-2013-2819 CRITICAL Act Now

The Sierra Wireless AirLink Raven X EV-DO gateway 4221_4.0.11.003 and 4228_4.0.11.003 allows remote attackers to install Trojan horse firmware by leveraging cleartext credentials in a crafted (1). Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Raven X Ev Do Firmware Airlink Mp At T Airlink Mp At T Wifi Airlink Mp Bell +15
NVD
CVSS 2.0
9.3
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy