Skip to main content
CVE-2014-0253 MEDIUM POC THREAT This Month

Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly determine TCP connection states, which allows remote attackers to cause a denial of service (ASP.NET daemon. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 22.4%.

Denial Of Service Microsoft Net Framework
NVD
CVSS 2.0
5.0
EPSS
22.4%
CVE-2014-0295 MEDIUM POC THREAT This Month

VsaVb7rt.dll in Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 25.5%.

Privilege Escalation Microsoft RCE Net Framework
NVD
CVSS 2.0
4.3
EPSS
25.5%
CVE-2014-0293 MEDIUM This Month

Microsoft Internet Explorer 9 through 11 allows remote attackers to read content from a different (1) domain or (2) zone via a crafted web site, aka "Internet Explorer Cross-domain Information. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 30.0% and no vendor patch available.

Information Disclosure Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
30.0%
CVE-2013-6229 MEDIUM POC This Month

Multiple cross-site scripting (XSS) vulnerabilities in Atmail Webmail Server 7.0.2 allow remote attackers to inject arbitrary web script or HTML via the (1) filter parameter to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Atmail
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
0.7%
CVE-2013-2585 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in Atmail Webmail Server 6.6.x before 6.6.3 and 7.0.x before 7.0.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

PHP XSS Atmail
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2014-0268 MEDIUM This Month

Microsoft Internet Explorer 8 through 11 does not properly restrict file installation and registry-key creation, which allows remote attackers to bypass the Mandatory Integrity Control protection. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Privilege Escalation Microsoft Internet Explorer
NVD
CVSS 2.0
4.3
EPSS
8.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy