Skip to main content
CVE-2014-1815 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, as exploited in the wild in May. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 40.2%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
40.2%
Threat
4.6
CVE-2014-1806 CRITICAL POC THREAT Emergency

The .NET Remoting implementation in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, 4.5, and 4.5.1 does not properly restrict memory access, which allows remote attackers to execute. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 26.8%.

RCE Code Injection Microsoft Net Framework
NVD Exploit-DB
CVSS 2.0
10.0
EPSS
26.8%
Threat
4.3
CVE-2014-1849 CRITICAL POC THREAT Emergency

Foscam IP camera 11.37.2.49 and other versions, when using the Foscam DynDNS option, generates credentials based on predictable camera subdomain names, which allows remote attackers to spoof or. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 21.1%.

Authentication Bypass Ip Camera Firmware
NVD GitHub Exploit-DB
CVSS 2.0
10.0
EPSS
21.1%
Threat
4.1
CVE-2014-0525 CRITICAL Emergency

The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 31.3% and no vendor patch available.

Adobe Privilege Escalation RCE Microsoft Acrobat Reader +1
NVD
CVSS 2.0
10.0
EPSS
31.3%
CVE-2014-2046 CRITICAL POC THREAT Emergency

cgi-bin/rpcBridge in the web interface 1.1 on Broadcom Ltd PIPA C211 rev2 does not properly restrict access, which allows remote attackers to (1) obtain credentials and other sensitive information. Rated critical severity (CVSS 9.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 12.3%.

Broadcom Information Disclosure Pipa C211 Web Interface Pipa C211
NVD Exploit-DB
CVSS 2.0
9.7
EPSS
12.3%
CVE-2014-0310 CRITICAL Act Now

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
20.9%
CVE-2014-1756 CRITICAL Act Now

Untrusted search path vulnerability in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1, when the Simplified Chinese Proofing Tool is enabled, allows local users to. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.1% and no vendor patch available.

Information Disclosure Microsoft Office
NVD
CVSS 2.0
9.3
EPSS
20.1%
CVE-2014-0528 CRITICAL Act Now

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Adobe RCE Microsoft Acrobat Reader Acrobat
NVD
CVSS 2.0
10.0
EPSS
14.8%
CVE-2014-0529 CRITICAL Act Now

Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 14.8% and no vendor patch available.

Adobe Buffer Overflow RCE Microsoft Acrobat +1
NVD
CVSS 2.0
10.0
EPSS
14.8%
CVE-2014-0251 CRITICAL Act Now

Microsoft Windows SharePoint Services 3.0 SP3; SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 Gold and SP1; SharePoint Foundation 2010 SP1 and SP2 and 2013 Gold and SP1; Project Server 2010. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.6% and no vendor patch available.

RCE Code Injection Microsoft Office Web Apps Server Project Server +6
NVD
CVSS 2.0
9.0
EPSS
19.6%
CVE-2014-0526 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.5% and no vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
12.5%
CVE-2014-0524 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
8.3%
CVE-2014-0523 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
8.3%
CVE-2014-0522 CRITICAL Act Now

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +2
NVD
CVSS 2.0
10.0
EPSS
8.3%
CVE-2014-0513 CRITICAL Act Now

Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2 allows remote attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Buffer Overflow RCE Illustrator
NVD
CVSS 2.0
10.0
EPSS
7.9%
CVE-2014-0527 CRITICAL Act Now

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe RCE Microsoft Acrobat Acrobat Reader
NVD
CVSS 2.0
10.0
EPSS
6.7%
CVE-2014-2405 CRITICAL Act Now

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Debian Ubuntu Openjdk
NVD
CVSS 2.0
10.0
EPSS
0.6%
CVE-2014-0462 CRITICAL Act Now

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Debian Ubuntu Openjdk
NVD
CVSS 2.0
10.0
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy