Latest CVE Feed
-
9.3
HIGHCVE-2013-0762
Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonk... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus opensuse +5 more products- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0745
The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote a... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2017-11216
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EM... Read more
- Published: Aug. 11, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-11268
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EM... Read more
- Published: Aug. 11, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2013-0710
Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document.... Read more
- Published: Mar. 05, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0781
Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrup... Read more
- Published: Feb. 19, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0654
CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a denial of service (daemon crash) via a crafted packet.... Read more
- Published: Jan. 27, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0640
Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.... Read more
Affected Products : linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus mac_os_x opensuse linux_enterprise_desktop acrobat +2 more products- Actively Exploited
- Published: Feb. 14, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0707
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitra... Read more
- Published: Mar. 01, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0600
Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass authentication and perform administrative actions via unknown vectors.... Read more
- Published: May. 09, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2009-1833
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors ... Read more
- Published: Jun. 12, 2009
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2013-0643
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attack... Read more
- Actively Exploited
- Published: Feb. 27, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2008-1435
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulner... Read more
- Published: Jul. 08, 2008
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2011-0602
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a d... Read more
- Published: Feb. 10, 2011
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2016-0978
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to ... Read more
Affected Products : android windows_10 windows_8.1 linux_kernel flash_player_desktop_runtime flash_player mac_os_x iphone_os chrome_os windows +3 more products- Published: Feb. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-1031
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more
Affected Products : android windows_10 windows_8.1 linux_kernel flash_player_desktop_runtime flash_player mac_os_x iphone_os chrome_os windows +3 more products- Published: Apr. 09, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2015-5165
The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers to read process heap memory via unspecified vectors.... Read more
- Published: Aug. 12, 2015
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2012-2034
Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Android 4.x, and Adobe AIR before 3.3... Read more
Affected Products : android linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus macos enterprise_linux_eus flash_player opensuse +3 more products- Actively Exploited
- Published: Jun. 09, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2009-2139
Heap-based buffer overflow in svtools/source/filter.vcl/wmf/enhwmf.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allows remote attackers to execute arbitrary code via a crafted EMF file, a similar i... Read more
Affected Products : openoffice.org- Published: Sep. 08, 2009
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2012-2411
Buffer overflow in RealNetworks RealPlayer before 15.0.4.53, and RealPlayer SP 1.0 through 1.1.5, allows remote attackers to execute arbitrary code via a crafted RealJukebox Media file.... Read more
- Published: May. 18, 2012
- Modified: Apr. 11, 2025