Latest CVE Feed
-
9.3
HIGHCVE-2013-1315
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute a... Read more
- Published: Sep. 11, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2016-4902
Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vist... Read more
- Published: Jun. 09, 2017
- Modified: Apr. 20, 2025
-
9.3
HIGHCVE-2013-1010
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more
- Published: May. 20, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-1000
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more
- Published: May. 20, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0999
WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more
- Published: May. 20, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0989
Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MP3 file.... Read more
- Published: May. 24, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0984
Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message.... Read more
- Published: Jun. 05, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0868
libavcodec/huffyuvdec.c in FFmpeg before 1.1.2 allows remote attackers to have an unspecified impact via crafted Huffyuv data, related to an out-of-bounds write and (1) unchecked return codes from the init_vlc function and (2) "len==0 cases."... Read more
Affected Products : ffmpeg- Published: Nov. 23, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0851
The decode_frame function in libavcodec/eamad.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted Electronic Arts Madcow video data, which triggers an out-of-bounds array access.... Read more
Affected Products : ffmpeg- Published: Dec. 07, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0784
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Thunderbird before 17.0.3, and SeaMonkey before 2.16 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execu... Read more
- Published: Feb. 19, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0771
Heap-based buffer overflow in the gfxTextRun::ShrinkToLigatureBoundaries function in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attack... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0757
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 does not prevent modifications to the prototype of an o... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0755
Use-after-free vulnerability in the mozVibrate implementation in the Vibrate library in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.2, and SeaMonkey before 2.15 allows remote att... Read more
- Published: Jan. 13, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2013-0648
Unspecified vulnerability in the ExternalInterface ActionScript functionality in Adobe Flash Player before 10.3.183.67 and 11.x before 11.6.602.171 on Windows and Mac OS X, and before 10.3.183.67 and 11.x before 11.2.202.273 on Linux, allows remote attack... Read more
- Actively Exploited
- Published: Feb. 27, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-6535
DjVuLibre before 3.5.25.3, as used in Evince, Sumatra PDF Reader, VuDroid, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DjVu (aka .djv) file.... Read more
Affected Products : djvulibre- Published: Dec. 02, 2013
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-5839
Heap-based buffer overflow in the gfxShapedWord::CompressedGlyph::IsClusterStart function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remot... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus opensuse linux_enterprise_server +4 more products- Published: Nov. 21, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4204
The str_unescape function in the JavaScript engine in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) ... Read more
- Published: Nov. 21, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4182
Use-after-free vulnerability in the nsTextEditRules::WillInsert function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to exec... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server +4 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-4179
Use-after-free vulnerability in the nsHTMLCSSUtils::CreateCSSPropertyTxn function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attacker... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server +4 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025
-
9.3
HIGHCVE-2012-3995
The IsCSSWordSpacingSpace function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to execute arbitrary code or cause a denial o... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_eus linux_enterprise_server seamonkey +3 more products- Published: Oct. 10, 2012
- Modified: Apr. 11, 2025