Skip to main content
CVE-2014-7192 CRITICAL POC PATCH THREAT Act Now

Eval injection vulnerability in index.js in the syntax-error package before 1.1.1 for Node.js 0.10.x, as used in IBM Rational Application Developer and other products, allows remote attackers to. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 43.9%.

IBM RCE Node.js Code Injection Node Js
NVD GitHub Exploit-DB
CVSS 2.0
10.0
EPSS
43.9%
Threat
4.8
CVE-2014-6357 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 48.0% and no vendor patch available.

RCE Denial Of Service Microsoft Office Office Compatibility Pack +3
NVD
CVSS 2.0
9.3
EPSS
48.0%
CVE-2014-6363 CRITICAL POC THREAT Emergency

vbscript.dll in Microsoft VBScript 5.6 through 5.8, as used with Internet Explorer 6 through 11 and other products, allows remote attackers to execute arbitrary code or cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 26.8%.

Denial Of Service RCE Buffer Overflow Microsoft Vbscript +1
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
26.8%
Threat
4.2
CVE-2014-6364 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.7% and no vendor patch available.

RCE Denial Of Service Microsoft Office
NVD
CVSS 2.0
9.3
EPSS
31.7%
CVE-2014-6369 CRITICAL Act Now

Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 29.7% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
29.7%
CVE-2014-6375 CRITICAL Act Now

Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.3% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
24.3%
CVE-2014-8966 CRITICAL Act Now

Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
24.0%
CVE-2014-6376 CRITICAL Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
24.0%
CVE-2014-6373 CRITICAL Act Now

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
24.0%
CVE-2014-6327 CRITICAL Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.0% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
24.0%
CVE-2014-6374 CRITICAL Act Now

Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 22.8% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
22.8%
CVE-2014-6329 CRITICAL Act Now

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.9% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
20.9%
CVE-2014-6361 CRITICAL Act Now

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.1% and no vendor patch available.

RCE Code Injection Microsoft Excel Office Compatibility Pack
NVD
CVSS 2.0
9.3
EPSS
20.1%
CVE-2014-6360 CRITICAL Act Now

Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.1% and no vendor patch available.

RCE Code Injection Microsoft Excel Office Compatibility Pack
NVD
CVSS 2.0
9.3
EPSS
20.1%
CVE-2014-6356 CRITICAL Act Now

Array index error in Microsoft Word 2007 SP3, Word 2010 SP2, and Office Compatibility Pack SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Invalid Index. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 20.1% and no vendor patch available.

RCE Code Injection Microsoft Office Compatibility Pack Word
NVD
CVSS 2.0
9.3
EPSS
20.1%
CVE-2014-6366 CRITICAL Act Now

Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
16.4%
CVE-2014-6330 CRITICAL Act Now

Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 16.4% and no vendor patch available.

Denial Of Service RCE Buffer Overflow Microsoft Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
16.4%
CVE-2014-8373 CRITICAL Act Now

The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 through 6.1.1 allows remote authenticated users to gain privileges via vectors involving the "Connect (by). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation VMware Vcloud Automation Center
NVD
CVSS 2.0
9.0
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy