Skip to main content
CVE-2014-1776 CRITICAL POC KEV PATCH THREAT Act Now

Internet Explorer 6 through 11 contain a use-after-free vulnerability in CMarkup::IsConnectedToPrimaryMarkup that allows remote code execution, exploited as a zero-day in April 2014 with initial attribution to APT groups.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft +1
NVD VulDB
CVSS 3.1
9.8
EPSS
80.2%
Threat
9.4
CVE-2014-1764 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.1%.

RCE Privilege Escalation Microsoft Internet Explorer
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
71.1%
Threat
5.6
CVE-2014-2994 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 54.8%.

RCE Buffer Overflow Web Vulnerability Scanner
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
54.8%
Threat
5.1
CVE-2014-1762 HIGH POC THREAT Act Now

Unspecified vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code with medium-integrity privileges and bypass a sandbox protection mechanism via. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 46.2%.

RCE Microsoft Internet Explorer
NVD Exploit-DB VulDB
CVSS 2.0
7.5
EPSS
46.2%
Threat
4.4
CVE-2014-1763 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 39.3% and no vendor patch available.

RCE Microsoft Internet Explorer
NVD VulDB
CVSS 2.0
10.0
EPSS
39.3%
CVE-2014-1765 HIGH Act Now

Multiple use-after-free vulnerabilities in Microsoft Internet Explorer 6 through 11 allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by Sebastian Apelt and. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable. Epss exploitation probability 42.6% and no vendor patch available.

RCE Microsoft Internet Explorer
NVD VulDB
CVSS 2.0
7.6
EPSS
42.6%
CVE-2014-1766 CRITICAL POC PATCH THREAT Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by Sebastian Apelt. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 11.0%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB VulDB
CVSS 2.0
9.3
EPSS
11.0%
CVE-2014-3007 CRITICAL PATCH Act Now

Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Python Pillow Python Imaging Library
NVD VulDB
CVSS 2.0
10.0
EPSS
3.0%
CVE-2013-6887 MEDIUM This Month

OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Openjpeg
NVD VulDB
CVSS 2.0
6.4
EPSS
0.2%
CVE-2014-0162 MEDIUM PATCH This Month

The Sheepdog backend in OpenStack Image Registry and Delivery Service (Glance) 2013.2 before 2013.2.4 and icehouse before icehouse-rc2 allows remote authenticated users with permission to insert or. Rated medium severity (CVSS 6.0), this vulnerability is remotely exploitable.

Information Disclosure Icehouse Image Registry And Delivery Service Glance
NVD VulDB
CVSS 2.0
6.0
EPSS
0.6%
CVE-2013-6053 MEDIUM This Month

OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Openjpeg
NVD VulDB
CVSS 2.0
5.0
EPSS
0.4%
CVE-2014-2285 MEDIUM This Month

The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Net Snmp
NVD VulDB
CVSS 2.0
4.3
EPSS
3.3%
CVE-2014-2889 MEDIUM This Month

Off-by-one error in the bpf_jit_compile function in arch/x86/net/bpf_jit_comp.c in the Linux kernel before 3.1.8, when BPF JIT is enabled, allows local users to cause a denial of service (system. Rated medium severity (CVSS 4.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel
NVD GitHub VulDB
CVSS 2.0
4.6
EPSS
0.1%
CVE-2013-0296 MEDIUM This Month

Race condition in pigz before 2.2.5 uses permissions derived from the umask when compressing a file before setting that file's permissions to match those of the original file, which might allow local. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation Pigz
NVD VulDB
CVSS 2.0
4.4
EPSS
0.0%
CVE-2014-0181 LOW PATCH Monitor

The Netlink implementation in the Linux kernel through 3.14.1 does not provide a mechanism for authorizing socket operations based on the opener of a socket, which allows local users to bypass. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity.

Privilege Escalation Linux Linux Kernel Evergreen Enterprise Linux Desktop +4
NVD VulDB
CVSS 2.0
2.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy