Latest CVE Feed
-
9.3
HIGHCVE-2013-0766
Use-after-free vulnerability in the ~nsHTMLEditRules implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonke... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus opensuse +5 more products- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0760
Buffer overflow in the CharDistributionAnalysis::HandleOneChar function in Mozilla Firefox before 18.0, Thunderbird before 17.0.2, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code via a crafted document.... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0641
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.... Read more
Affected Products : linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus mac_os_x opensuse linux_enterprise_desktop acrobat +2 more products- Actively Exploited
- Published: Feb. 14, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2021-26915
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in webrepdb StatusServlet.... Read more
Affected Products : netmotion_mobility- Published: Feb. 08, 2021
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2021-26913
NetMotion Mobility before 11.73 and 12.x before 12.02 allows unauthenticated remote attackers to execute arbitrary code as SYSTEM because of Java deserialization in RpcServlet.... Read more
Affected Products : netmotion_mobility- Published: Feb. 08, 2021
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2012-6277
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss... Read more
- Published: Feb. 21, 2020
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2012-4792
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a ... Read more
Affected Products : windows_7 windows_server_2008 internet_explorer windows_server_2003 windows_vista windows_xp ie- Actively Exploited
- Published: Dec. 30, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4183
Use-after-free vulnerability in the DOMSVGTests::GetRequiredFeatures function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus opensuse linux_enterprise_server +4 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4181
Use-after-free vulnerability in the nsSMILAnimationController::DoSample function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers... Read more
- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3989
Mozilla Firefox before 16.0, Thunderbird before 16.0, and SeaMonkey before 2.13 do not properly perform a cast of an unspecified variable during use of the instanceof operator on a JavaScript object, which allows remote attackers to execute arbitrary code... Read more
Affected Products : firefox thunderbird ubuntu_linux linux_enterprise_server seamonkey linux_enterprise_desktop- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3936
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962.... Read more
Affected Products : webex_recording_format_player- Published: Oct. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3631
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more
Affected Products : safari- Published: Jul. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3626
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more
Affected Products : safari- Published: Jul. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-2107
Integer overflow in the main function in util/lpci_main.c in Csound before 5.17.2, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted file, which triggers a heap-based buffer overflow.... Read more
Affected Products : csound- Published: Feb. 04, 2014
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-2027
Use-after-free vulnerability in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a crafted TIFF (aka .TIF) file.... Read more
- Published: May. 09, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-1958
Use-after-free vulnerability in the nsGlobalWindow::PageHidden function in Mozilla Firefox 4.x through 13.0, Firefox ESR 10.x before 10.0.6, Thunderbird 5.0 through 13.0, Thunderbird ESR 10.x before 10.0.6, and SeaMonkey before 2.11 might allow remote att... Read more
- Published: Jul. 18, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-1847
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute ar... Read more
- Published: May. 09, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-1133
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bi... Read more
- Published: Apr. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-1132
FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted dictionary d... Read more
- Published: Apr. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-0977
Stack-based buffer overflow in jp2_x.dll in LuraWave JP2 ActiveX Control 2.1.5.5 and other versions before 2.1.5.11 allows remote attackers to execute arbitrary code via a JPEG2000 (JP2) file with a crafted Quantization Default (QCD) marker segment.... Read more
Affected Products : lurawave_jp2_activex_control- Published: Feb. 02, 2012
- Modified: Apr. 11, 2025