Latest CVE Feed
-
10.0
HIGHCVE-2014-1547
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ... Read more
- Published: Jul. 23, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-1538
Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory... Read more
- Published: Jun. 11, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-0540
Adobe Flash Player before 13.0.0.241 and 14.x before 14.0.0.176 on Windows and OS X and before 11.2.202.400 on Linux, Adobe AIR before 14.0.0.178 on Windows and OS X and before 14.0.0.179 on Android, Adobe AIR SDK before 14.0.0.178, and Adobe AIR SDK & Co... Read more
- Published: Aug. 12, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-0589
Heap-based buffer overflow in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before ... Read more
- Published: Nov. 11, 2014
- Modified: Apr. 12, 2025
-
10.0
CRITICALCVE-2021-27446
The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system.... Read more
Affected Products : cmt-svr-100_firmware cmt-svr-102_firmware cmt-svr-200_firmware cmt-svr-202_firmware cmt-g01_firmware cmt-g02_firmware cmt-g03_firmware cmt-g04_firmware cmt3071_firmware cmt3072_firmware +22 more products- Published: May. 16, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-27391
A vulnerability has been identified in APOGEE MBC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE MEC (PPC) (P2 Ethernet) (All versions >= V2.6.3), APOGEE PXC Compact (BACnet) (All versions < V3.5.3), APOGEE PXC Compact (P2 Ethernet) (All versions >=... Read more
Affected Products : apogee_mbc_\(ppc\)_\(p2_ethernet\)_firmware apogee_mec_\(ppc\)_\(p2_ethernet\)_firmware apogee_pxc_bacnet_automation_controller_firmware apogee_pxc_compact_\(p2_ethernet\)_firmware apogee_pxc_modular_\(bacnet\)_firmware apogee_pxc_modular_\(p2_ethernet\)_firmware talon_tc_compact_\(bacnet\)_firmware talon_tc_modular_\(bacnet\)_firmware apogee_mbc_\(ppc\)_\(p2_ethernet\) apogee_mec_\(ppc\)_\(p2_ethernet\) +6 more products- Published: Sep. 14, 2021
- Modified: Apr. 23, 2025
-
10.0
CRITICALCVE-2021-27460
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier components contain .NET remoting endpoints that deserialize untrusted data without sufficiently verifying that the resulting data will be valid. This vulnerability may allow a remote, unauthen... Read more
Affected Products : factorytalk_assetcentre- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2021-27466
A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary c... Read more
Affected Products : factorytalk_assetcentre- Published: Mar. 23, 2022
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2021-27372
Realtek xPON RTL9601D SDK 1.9 stores passwords in plaintext which may allow attackers to possibly gain access to the device with root permissions via the build-in network monitoring tool and execute arbitrary commands.... Read more
- Published: Mar. 25, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-5907
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: ... Read more
- Published: Jan. 15, 2014
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-5782
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confident... Read more
- Published: Oct. 16, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-5610
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknow... Read more
- Published: Dec. 11, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-5601
Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2... Read more
- Published: Oct. 30, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-3612
Dahua DVR appliances have a hardcoded password for (1) the root account and (2) an unspecified "backdoor" account, which makes it easier for remote attackers to obtain administrative access via authorization requests involving (a) ActiveX, (b) a standalon... Read more
Affected Products : dvr0404hd-a dvr0404hd-l dvr0404hd-s dvr0404hd-u dvr0404hf-a-e dvr0404hf-al-e dvr0404hf-s-e dvr0404hf-u-e dvr0804 dvr0804hd-l +55 more products- Published: Sep. 17, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-3361
Adobe Flash Player before 11.7.700.242 and 11.8.x before 11.8.800.168 on Windows and Mac OS X, before 11.2.202.310 on Linux, before 11.1.111.73 on Android 2.x and 3.x, and before 11.1.115.81 on Android 4.x; Adobe AIR before 3.8.0.1430; and Adobe AIR SDK &... Read more
- Published: Sep. 12, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-3355
Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE... Read more
- Published: Sep. 12, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-3324
Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.... Read more
Affected Products : android linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_eus enterprise_linux_eus flash_player mac_os_x opensuse +4 more products- Published: May. 16, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-3211
Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe issue."... Read more
Affected Products : opera_browser- Published: Apr. 19, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-1701
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allow remote attackers to cause a denial of... Read more
- Published: Aug. 07, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-1489
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" se... Read more
- Published: Jan. 31, 2013
- Modified: Apr. 11, 2025