Latest CVE Feed
-
9.3
HIGHCVE-2013-0729
Heap-based buffer overflow in Tracker Software PDF-XChange before 2.5.208 allows remote attackers to execute arbitrary code via a crafted Define Huffman Table header in a JPEG image file stream in a PDF file.... Read more
- Published: Apr. 02, 2014
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2009-1690
Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code o... Read more
- Published: Jun. 10, 2009
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2013-0877
The old_codec37 function in libavcodec/sanm.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via crafted LucasArts Smush data that has a large size when decoded, related to an out-of-bounds array access.... Read more
Affected Products : ffmpeg- Published: Nov. 23, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0742
Stack-based buffer overflow in Corel PDF Fusion 1.11 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a long ZIP directory entry name in an XPS file.... Read more
Affected Products : pdf_fusion- Published: Oct. 03, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0762
Use-after-free vulnerability in the imgRequest::OnStopFrame function in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonk... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus opensuse +5 more products- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0745
The AutoWrapperChanger class in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not properly interact with garbage collection, which allows remote a... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2017-11216
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EM... Read more
- Published: Aug. 11, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2017-11268
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EM... Read more
- Published: Aug. 11, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2013-0710
Buffer overflow in Kingsoft Writer 2007 and 2010 before 2724 allows remote attackers to execute arbitrary code via a crafted RTF document.... Read more
- Published: Mar. 05, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0781
Use-after-free vulnerability in the nsPrintEngine::CommonPrint function in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrup... Read more
- Published: Feb. 19, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0654
CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary commands or cause a denial of service (daemon crash) via a crafted packet.... Read more
- Published: Jan. 27, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0640
Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.... Read more
Affected Products : linux_kernel enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_eus mac_os_x opensuse linux_enterprise_desktop acrobat +2 more products- Actively Exploited
- Published: Feb. 14, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0707
Unspecified vulnerability in JustSystems Ichitaro 2006 and 2007, Ichitaro Government 2006 and 2007, Ichitaro Portable with oreplug, Hanako 2006 through 2013, Hanako Police, Hanako Police 3, and Hanako Police 2010 allows remote attackers to execute arbitra... Read more
- Published: Mar. 01, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0600
Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass authentication and perform administrative actions via unknown vectors.... Read more
- Published: May. 09, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2009-1833
The JavaScript engine in Mozilla Firefox before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors ... Read more
- Published: Jun. 12, 2009
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2013-0643
The Firefox sandbox in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, does not properly restrict privileges, which makes it easier for remote attack... Read more
- Actively Exploited
- Published: Feb. 27, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2008-1435
Windows Explorer in Microsoft Windows Vista up to SP1, and Server 2008, allows user-assisted remote attackers to execute arbitrary code via crafted saved-search (.search-ms) files that are not properly handled when saving, aka "Windows Saved Search Vulner... Read more
- Published: Jul. 08, 2008
- Modified: Apr. 09, 2025
-
9.3
HIGHCVE-2011-0602
Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via crafted JP2K record types in a JPEG2000 image in a PDF file, which causes heap corruption, a d... Read more
- Published: Feb. 10, 2011
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2016-0978
Adobe Flash Player before 18.0.0.329 and 19.x and 20.x before 20.0.0.306 on Windows and OS X and before 11.2.202.569 on Linux, Adobe AIR before 20.0.0.260, Adobe AIR SDK before 20.0.0.260, and Adobe AIR SDK & Compiler before 20.0.0.260 allow attackers to ... Read more
Affected Products : android windows_10 windows_8.1 linux_kernel flash_player_desktop_runtime flash_player mac_os_x iphone_os chrome_os windows +3 more products- Published: Feb. 10, 2016
- Modified: Apr. 12, 2025
-
9.3
HIGHCVE-2016-1031
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more
Affected Products : android windows_10 windows_8.1 linux_kernel flash_player_desktop_runtime flash_player mac_os_x iphone_os chrome_os windows +3 more products- Published: Apr. 09, 2016
- Modified: Apr. 12, 2025