Latest CVE Feed
-
10.0
HIGHCVE-2013-0693
The kernel in ENEA OSE on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier performs network-beacon broadcasts, which allows remote attackers... Read more
Affected Products : ose roc_800l_remote_terminal_unit roc_800_remote_terminal_unit dl_8000_remote_terminal_unit- Published: Oct. 03, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2020-5341
Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Da... Read more
- Published: Jul. 28, 2021
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-2767
Unspecified vulnerability in Websense TRITON AP-EMAIL before 8.0.0 has unknown impact and attack vectors, related to "Autocomplete Enabled."... Read more
Affected Products : triton_ap_email- Published: Mar. 27, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2020-5344
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitra... Read more
Affected Products : idrac9_firmware idrac8_firmware idrac7_firmware emc_idrac9_firmware idrac7 idrac8 idrac9- Published: Mar. 31, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-2734
The CairoTextureClientD3D9::BorrowDrawTarget function in the Direct3D 9 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has... Read more
- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-2725
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly ... Read more
- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2013-0873
The read_header function in libavcodec/shorten.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via an invalid channel count, related to "freeing invalid addresses."... Read more
Affected Products : ffmpeg- Published: Nov. 23, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2015-2733
Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttp... Read more
Affected Products : firefox firefox_esr solaris suse_linux_enterprise_desktop suse_linux_enterprise_server- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-2726
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more
- Published: Jul. 06, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-2638
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.... Read more
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2013-1710
The crypto.generateCRMFRequest function in Mozilla Firefox before 23.0, Firefox ESR 17.x before 17.0.8, Thunderbird before 17.0.8, Thunderbird ESR 17.x before 17.0.8, and SeaMonkey before 2.20 allows remote attackers to execute arbitrary JavaScript code o... Read more
- Published: Aug. 07, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-1718
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allow remote attackers to cause a denial of s... Read more
- Published: Sep. 18, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2015-2608
Unspecified vulnerability in (1) the Oracle Communications Diameter Signaling Router (DSR) component in Oracle Communications Applications 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier; (2) the Oracle Communications Perfor... Read more
Affected Products : communications_applications- Published: Oct. 21, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2010-3116
Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, allow remote attackers to execute arbitrary code or cause a denial of service (ap... Read more
- Published: Aug. 24, 2010
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2019-15505
drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir).... Read more
- Published: Aug. 23, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2015-2590
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CV... Read more
Affected Products : ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_tus enterprise_linux_eus jdk jre +11 more products- Actively Exploited
- Published: Jul. 16, 2015
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2018-12812
Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user... Read more
- Published: Jul. 20, 2018
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2016-3427
Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.... Read more
- Actively Exploited
- Published: Apr. 21, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2016-3586
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a dif... Read more
Affected Products : weblogic_server- Published: Jul. 21, 2016
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2015-2342
The JMX RMI service in VMware vCenter Server 5.0 before u3e, 5.1 before u3b, 5.5 before u3, and 6.0 before u1 does not restrict registration of MBeans, which allows remote attackers to execute arbitrary code via the RMI protocol.... Read more
Affected Products : vcenter_server- Published: Oct. 12, 2015
- Modified: Apr. 12, 2025