Skip to main content
CVE-2014-0569 CRITICAL POC PATCH THREAT Act Now

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 89.0%.

Integer Overflow Adobe RCE Microsoft Flash Player +6
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
89.0%
Threat
6.0
CVE-2014-4121 CRITICAL Emergency

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 does not properly parse internationalized resource identifiers, which allows remote attackers to execute arbitrary code or cause. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 42.5% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Net Framework
NVD
CVSS 2.0
10.0
EPSS
42.5%
CVE-2014-4138 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 22.3%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
22.3%
Threat
4.0
CVE-2014-4141 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 20.5%.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
20.5%
Threat
4.0
CVE-2014-4073 CRITICAL Emergency

Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2 processes unverified data during interaction with the ClickOnce installer, which allows remote attackers to gain privileges via. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 30.1% and no vendor patch available.

Privilege Escalation Microsoft Net Framework
NVD
CVSS 2.0
10.0
EPSS
30.1%
CVE-2014-4117 CRITICAL Emergency

Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Word 2010 SP1 and SP2, Office for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP1. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 32.0% and no vendor patch available.

RCE Microsoft Office Office Compatibility Pack Sharepoint Server +2
NVD
CVSS 2.0
9.3
EPSS
32.0%
CVE-2014-2927 CRITICAL POC Act Now

The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Authentication Bypass Arx Big Ip Access Policy Manager Big Ip Advanced Firewall Manager Big Ip Analytics +15
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
7.4%
CVE-2014-4129 CRITICAL Act Now

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
20.8%
CVE-2014-4130 CRITICAL Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 19.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
19.3%
CVE-2014-4134 CRITICAL Act Now

Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
16.3%
CVE-2014-4127 CRITICAL Act Now

Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
16.3%
CVE-2014-4133 CRITICAL Act Now

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 15.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
15.8%
CVE-2014-4126 CRITICAL Act Now

Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 15.7% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
15.7%
CVE-2014-0558 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 12.1%.

RCE Denial Of Service Code Injection Buffer Overflow Microsoft +4
NVD
CVSS 2.0
10.0
EPSS
12.1%
CVE-2014-4137 CRITICAL Act Now

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.2% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
14.2%
CVE-2014-4132 CRITICAL Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
14.1%
CVE-2014-4128 CRITICAL Act Now

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 14.1% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
14.1%
CVE-2014-6503 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
9.7%
CVE-2014-0564 CRITICAL PATCH Act Now

Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

RCE Denial Of Service Buffer Overflow Microsoft Adobe +7
NVD
CVSS 2.0
10.0
EPSS
6.1%
CVE-2014-6513 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
10.0
EPSS
6.1%
CVE-2014-6456 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
7.1%
CVE-2014-6532 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
6.9%
CVE-2014-6485 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 8u20 and JavaFX 2.2.65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jre
NVD
CVSS 2.0
9.3
EPSS
1.1%
CVE-2014-6562 CRITICAL PATCH Act Now

Unspecified vulnerability in Oracle Java SE 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Information Disclosure Java Oracle Jdk Jre
NVD
CVSS 2.0
9.3
EPSS
1.0%
CVE-2014-6560 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2014-6546 CRITICAL PATCH Act Now

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2014-6545 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2014-6467 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2014-6455 CRITICAL PATCH Act Now

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%
CVE-2014-6453 CRITICAL PATCH Act Now

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Oracle Database Server
NVD
CVSS 2.0
9.0
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy