Latest CVE Feed
-
9.3
HIGHCVE-2013-0851
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access.... Read more
Affected Products : ffmpeg- Published: Dec. 07, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0784
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execu... Read more
- Published: Feb. 19, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0771
Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attack... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0757
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an o... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0755
Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote att... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0648
Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attack... Read more
- Actively Exploited
- Published: Feb. 27, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-6535
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.... Read more
Affected Products : djvulibre- Published: Dec. 02, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-5839
Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remot... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus opensuse linux_enterprise_server +4 more products- Published: Nov. 21, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4204
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) ... Read more
- Published: Nov. 21, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4182
Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to exec... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server +4 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4179
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attacker... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server +4 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3995
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial o... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server seamonkey +3 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3991
Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 do not properly restrict JSAPI access to the GetProperty function, which allows remote attackers to bypass ... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server seamonkey +3 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3990
Use-after-free vulnerability in the IME State Manager implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute ... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server +4 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3967
The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large number of sampler uniforms are used, does not properly i... Read more
Affected Products : firefox firefox_esr thunderbird linux_kernel ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus opensuse +5 more products- Published: Aug. 29, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3683
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more
Affected Products : safari- Published: Jul. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3682
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more
Affected Products : safari- Published: Jul. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3679
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more
Affected Products : safari- Published: Jul. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3674
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more
Affected Products : safari- Published: Jul. 25, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3663
WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more
Affected Products : safari- Published: Jul. 25, 2012
- Modified: Apr. 11, 2025