Skip to main content
CVE-2014-1776 CRITICAL POC KEV PATCH THREAT Act Now

Internet Explorer 6 through 11 contain a use-after-free vulnerability in CMarkup::IsConnectedToPrimaryMarkup that allows remote code execution, exploited as a zero-day in April 2014 with initial attribution to APT groups.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft +1
NVD VulDB
CVSS 3.1
9.8
EPSS
80.2%
Threat
9.4
CVE-2014-1764 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 71.1%.

RCE Privilege Escalation Microsoft Internet Explorer
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
71.1%
Threat
5.6
CVE-2014-2994 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in Acunetix Web Vulnerability Scanner (WVS) 8 build 20120704 allows remote attackers to execute arbitrary code via an HTML file containing an IMG element with a long URL. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 54.8%.

RCE Buffer Overflow Web Vulnerability Scanner
NVD Exploit-DB VulDB
CVSS 2.0
10.0
EPSS
54.8%
Threat
5.1
CVE-2014-1763 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 39.3% and no vendor patch available.

RCE Microsoft Internet Explorer
NVD VulDB
CVSS 2.0
10.0
EPSS
39.3%
CVE-2014-1766 CRITICAL POC PATCH THREAT Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as demonstrated by Sebastian Apelt. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 11.0%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB VulDB
CVSS 2.0
9.3
EPSS
11.0%
CVE-2014-3007 CRITICAL PATCH Act Now

Python Image Library (PIL) 1.1.7 and earlier and Pillow 2.3 might allow remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors related to CVE-2014-1932,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Python Pillow Python Imaging Library
NVD VulDB
CVSS 2.0
10.0
EPSS
3.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy