Skip to main content
CVE-2017-0144 HIGH POC KEV EUVD KEV PATCH THREAT Act Now

Remote code execution in Microsoft SMBv1 allows authenticated network attackers to execute arbitrary code on Windows systems via crafted packets. This vulnerability (part of the MS17-010 bulletin and known as 'EternalBlue') is confirmed actively exploited (CISA KEV) with EPSS score of 94.32%, indicating near-certain exploitation probability. Widely weaponized in 2017 WannaCry and NotPetya ransomware campaigns. Affects Windows Vista through Windows 10 1607 and Windows Server 2008-2016, plus Siemens medical imaging systems running vulnerable Windows embedded OS. Multiple public exploits available including DOUBLEPULSAR payload delivery framework.

Microsoft RCE
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
94.3%
Threat
9.6
CVE-2017-0143 HIGH POC KEV PATCH THREAT Act Now

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Microsoft RCE
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
94.0%
Threat
7.6
CVE-2017-0146 HIGH POC KEV PATCH THREAT Act Now

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Microsoft RCE
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
93.3%
Threat
7.6
CVE-2017-0145 HIGH POC KEV PATCH THREAT Act Now

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Microsoft RCE
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
93.3%
Threat
7.6
CVE-2017-0148 HIGH POC KEV PATCH THREAT Act Now

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Actively exploited in the wild (cisa kev) and public exploit code available.

Microsoft RCE
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
94.1%
Threat
7.4
CVE-2017-0147 HIGH POC KEV PATCH THREAT Act Now

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Information Disclosure Microsoft
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
92.4%
Threat
7.3
CVE-2017-0101 HIGH POC KEV PATCH THREAT Act Now

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Buffer Overflow Microsoft
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
67.2%
Threat
6.6
CVE-2015-3884 HIGH POC THREAT Act Now

Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 72.9%.

RCE File Upload Qdpm
NVD
CVSS 3.1
8.8
EPSS
72.9%
Threat
5.4
CVE-2017-0070 HIGH POC PATCH THREAT Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 84.9%.

Memory Corruption Microsoft Use After Free RCE Edge
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
84.9%
Threat
5.5
CVE-2017-0089 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 75.2%.

Windows Server 2008 Windows Vista Buffer Overflow RCE Microsoft +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
75.2%
Threat
5.5
CVE-2017-0149 HIGH KEV PATCH THREAT Act Now

Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 41.5%.

Buffer Overflow Memory Corruption Denial Of Service RCE Microsoft
NVD
CVSS 3.1
8.8
EPSS
41.5%
Threat
4.5
CVE-2017-0001 HIGH POC KEV PATCH THREAT Act Now

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Actively exploited in the wild (cisa kev) and public exploit code available.

Information Disclosure Microsoft
NVD GitHub
CVSS 3.1
7.8
EPSS
25.4%
Threat
5.3
CVE-2017-0005 HIGH POC KEV PATCH THREAT Act Now

Windows GDI (Graphics Device Interface) allows local privilege escalation through improper memory handling, attributed to the Zirconium APT group and exploited alongside browser zero-days in targeted campaigns.

Information Disclosure Microsoft
NVD
CVSS 3.1
7.8
EPSS
8.0%
Threat
6.8
CVE-2017-0100 HIGH POC PATCH THREAT Act Now

A DCOM object in Helppane.exe in Microsoft Windows 7 SP1; Windows Server 2008 R2; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and EPSS exploitation probability 50.3%.

Microsoft Authentication Bypass Windows 10 Windows 7 Windows 8 1 +4
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
50.3%
Threat
4.6
CVE-2017-0108 HIGH POC PATCH THREAT Act Now

The Windows Graphics Component in Microsoft Office 2007 SP3; 2010 SP2; and Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Live Meeting 2007; Silverlight 5; Windows Vista SP2; Windows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 36.7%.

Buffer Overflow RCE Microsoft Live Meeting Lync +7
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
36.7%
Threat
4.2
CVE-2017-0141 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 51.6%.

RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
51.6%
CVE-2017-0090 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.0%.

Buffer Overflow RCE Microsoft Windows 7 Windows Server 2008 +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
24.0%
Threat
4.0
CVE-2017-0088 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.0%.

Buffer Overflow RCE Microsoft Windows 7 Windows Server 2008 +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
24.0%
Threat
4.0
CVE-2017-0087 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.0%.

Buffer Overflow RCE Microsoft Windows 7 Windows Server 2008 +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
24.0%
Threat
4.0
CVE-2017-0086 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.0%.

Buffer Overflow RCE Microsoft Windows 7 Windows Server 2008 +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
24.0%
Threat
4.0
CVE-2017-0083 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 24.0%.

Buffer Overflow RCE Microsoft Windows 7 Windows Server 2008 +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
24.0%
Threat
4.0
CVE-2017-0084 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 23.2%.

Buffer Overflow RCE Microsoft Windows 10 Windows 7 +6
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
23.2%
Threat
4.0
CVE-2014-8722 HIGH POC THREAT Act Now

GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) data/users/<username>.xml, (2) backups/users/<username>.xml.bak, (3). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 27.3%.

Information Disclosure Getsimple Cms
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
27.3%
CVE-2017-0072 HIGH POC PATCH THREAT Act Now

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 16.9%.

Buffer Overflow RCE Microsoft Windows 7 Windows Server 2008 +1
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
16.9%
CVE-2017-0104 HIGH PATCH Act Now

The iSNS Server service in Microsoft Windows Server 2008 SP2 and R2, Windows Server 2012 Gold and R2, and Windows Server 2016 allows remote attackers to issue malicious requests via an integer. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 34.9%.

Integer Overflow Microsoft Buffer Overflow Windows Server 2008 Windows Server 2012 +1
NVD
CVSS 3.0
8.1
EPSS
34.9%
CVE-2017-0030 HIGH PATCH Act Now

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 28.1%.

Buffer Overflow RCE Microsoft Denial Of Service Office +4
NVD
CVSS 3.0
7.8
EPSS
28.1%
CVE-2017-0052 HIGH PATCH Act Now

Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 26.2%.

Buffer Overflow RCE Microsoft Denial Of Service Excel +3
NVD
CVSS 3.0
7.8
EPSS
26.2%
CVE-2017-0006 HIGH PATCH Act Now

Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 26.2%.

Buffer Overflow RCE Microsoft Denial Of Service Excel +3
NVD
CVSS 3.0
7.8
EPSS
26.2%
CVE-2017-0134 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.1%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
26.1%
CVE-2017-0071 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.1%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
26.1%
CVE-2017-0015 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 26.1%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
26.1%
CVE-2017-0010 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 25.1%.

RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
25.1%
CVE-2017-0053 HIGH PATCH Act Now

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 23.5%.

Buffer Overflow RCE Microsoft Denial Of Service Office +3
NVD
CVSS 3.0
7.8
EPSS
23.5%
CVE-2017-0133 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.9%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
23.9%
CVE-2017-0094 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.9%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
23.9%
CVE-2017-0014 HIGH PATCH Act Now

The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607;. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.8%.

RCE Microsoft Office Windows 10 Windows 7 +5
NVD
CVSS 3.0
7.5
EPSS
23.8%
CVE-2017-0034 HIGH PATCH Act Now

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 23.6%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
23.6%
CVE-2017-0031 HIGH PATCH Act Now

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 21.9%.

Buffer Overflow RCE Microsoft Denial Of Service Office +2
NVD
CVSS 3.0
7.8
EPSS
21.9%
CVE-2017-0020 HIGH PATCH Act Now

Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 21.7%.

Buffer Overflow RCE Microsoft Denial Of Service Excel +1
NVD
CVSS 3.0
7.8
EPSS
21.7%
CVE-2017-0023 HIGH PATCH Act Now

The PDF library in Microsoft Edge; Windows 8.1; Windows Server 2012 and R2; Windows RT 8.1; and Windows 10, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted PDF file,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 22.4%.

Buffer Overflow RCE Microsoft Edge Windows 10 +3
NVD
CVSS 3.0
7.5
EPSS
22.4%
CVE-2017-0018 HIGH PATCH Act Now

Microsoft Internet Explorer 10 and 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 20.8%.

Buffer Overflow RCE Microsoft Denial Of Service Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
20.8%
CVE-2015-3881 HIGH POC This Week

Information disclosure issue in qdPM 8.3 allows remote attackers to obtain sensitive information via a direct request to (1) core/config/databases.yml, (2) core/log/qdPM_prod.log, or (3). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Qdpm
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2014-8701 HIGH POC This Week

Wonder CMS 2014 allows remote attackers to obtain sensitive information by viewing /files/password, which reveals the unsalted MD5 hashed password. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Wondercms
NVD
CVSS 3.0
7.5
EPSS
0.3%
CVE-2017-0040 HIGH PATCH Act Now

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 18.7%.

Buffer Overflow RCE Microsoft Denial Of Service Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
18.7%
CVE-2017-0103 HIGH POC This Week

The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 mishandles registry objects in memory, which allows local users to gain. Rated high severity (CVSS 7.0). Public exploit code available and no vendor patch available.

Buffer Overflow Microsoft Windows 7 Windows Server 2008 Windows Server 2012 +1
NVD Exploit-DB
CVSS 3.0
7.0
EPSS
1.2%
CVE-2017-0130 HIGH PATCH Act Now

The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.3%.

Buffer Overflow RCE Microsoft Denial Of Service Internet Explorer
NVD
CVSS 3.0
7.5
EPSS
16.3%
CVE-2017-0151 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0150 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0138 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
CVE-2017-0137 HIGH PATCH Act Now

A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 16.0%.

Buffer Overflow RCE Microsoft Edge
NVD
CVSS 3.0
7.5
EPSS
16.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy