Latest CVE Feed
-
9.3
HIGHCVE-2016-0795
LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document.... Read more
- Published: Feb. 18, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0827
Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSyst... Read more
Affected Products : android- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2019-8574
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.... Read more
- Published: Dec. 18, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-8536
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitra... Read more
- Published: Dec. 18, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2016-0820
The MediaTek Wi-Fi kernel driver in Android 6.0.1 before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug 26267358.... Read more
Affected Products : android- Published: Mar. 12, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2019-7837
Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : windows_10 windows_8.1 linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation flash_player_desktop_runtime flash_player mac_os_x chrome_os +1 more products- Published: May. 22, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2016-0636
Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.... Read more
- Published: Mar. 24, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2019-19816
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.... Read more
Affected Products : linux_kernel ubuntu_linux debian_linux active_iq_unified_manager hci_management_node solidfire steelstore_cloud_integrated_storage h610s_firmware aff_a400_firmware aff_a700s_firmware +8 more products- Published: Dec. 17, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1349
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387.... Read more
- Published: Jan. 24, 2020
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1247
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Sep. 11, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2019-1243
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, ... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows +1 more products- Published: Sep. 11, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2016-0199
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more
Affected Products : internet_explorer- Published: Jun. 16, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2019-1128
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121... Read more
Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows windows_11_23h2- Published: Jul. 15, 2019
- Modified: Nov. 21, 2024
-
9.3
HIGHCVE-2016-0170
GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_vista- Published: May. 11, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0182
Windows Journal in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted Journal (aka .jnt) file, aka "Windows Journal Memory Corruption Vulner... Read more
- Published: May. 11, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0136
Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Mi... Read more
- Published: Apr. 12, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0147
Microsoft XML Core Services 3.0 allows remote attackers to execute arbitrary code via a crafted web site, aka "MSXML 3.0 Remote Code Execution Vulnerability."... Read more
Affected Products : xml_core_services- Published: Apr. 12, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0142
Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web page, aka "Microsoft Video Control Remote Code Execution Vuln... Read more
- Published: Oct. 14, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0122
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Offi... Read more
- Published: Apr. 12, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-0127
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office We... Read more
Affected Products : office word word_viewer sharepoint_server office_compatibility_pack office_web_apps_server- Published: Apr. 12, 2016
- Modified: Apr. 12, 2025