Skip to main content
CVE-2013-5117 HIGH POC PATCH This Week

SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module before 10.1 for DotNetNuke allows remote attackers to execute arbitrary SQL commands via the categoryid. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SQLi Dnnarticle
NVD Exploit-DB VulDB
CVSS 2.0
7.5
EPSS
0.8%
CVE-2014-0319 HIGH Act Now

Microsoft Silverlight 5 before 5.1.30214.0 and Silverlight 5 Developer Runtime before 5.1.30214.0 allow attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors, aka. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. Epss exploitation probability 13.1% and no vendor patch available.

Privilege Escalation Microsoft Silverlight
NVD VulDB
CVSS 2.0
7.1
EPSS
13.1%
CVE-2014-2240 HIGH PATCH This Week

Stack-based buffer overflow in the cf2_hintmap_build function in cff/cf2hints.c in FreeType before 2.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service RCE Buffer Overflow Freetype
NVD VulDB
CVSS 2.0
7.5
EPSS
1.9%
CVE-2014-0300 HIGH PATCH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Windows 7 Windows 8 Windows 8 1 +7
NVD VulDB
CVSS 2.0
7.2
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy