Latest CVE Feed
-
10.0
HIGHCVE-2014-1553
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or poss... Read more
- Published: Sep. 03, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-1512
Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering ... Read more
Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus +7 more products- Published: Mar. 19, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-1377
Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute arbitrary code via a crafted application.... Read more
- Published: Jul. 01, 2014
- Modified: Apr. 12, 2025
-
10.0
HIGHCVE-2014-1359
Integer underflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application.... Read more
- Published: Jul. 01, 2014
- Modified: Apr. 12, 2025
-
10.0
CRITICALCVE-2019-11061
A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/smarthome/devicecontrol without any authentication. CVSS 3... Read more
- Published: Aug. 29, 2019
- Modified: Nov. 21, 2024
-
10.0
CRITICALCVE-2019-10959
BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build 11, 1.2 Build 15, 1.3.0 Build 14, 1.3.1 Build 13, This does not impact the latest firmware Versions 1.3.2 and 1.6.1, Additionally, the following products using software Version 2.3.6 a... Read more
Affected Products : alaris_gateway_workstation_firmware alaris_gs_syringe_pump_firmware alaris_gh_syringe_pump_firmware alaris_cc_syringe_pump_firmware alaris_tiva_syringe_pump_firmware alaris_gateway_workstation alaris_gs_syringe_pump alaris_gh_syringe_pump alaris_cc_syringe_pump alaris_tiva_syringe_pump- Published: Jun. 13, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10880
Within multiple XEROX products a vulnerability allows remote command execution on the Linux system, as the "nobody" user through a crafted "HTTP" request (OS Command Injection vulnerability in the HTTP interface). Depending upon configuration authenticati... Read more
- Published: Apr. 12, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10789
All versions of curling.js are vulnerable to Command Injection via the run function. The command argument can be controlled by users without any sanitization.... Read more
Affected Products : curling- Published: Feb. 06, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10774
php-shellcommand versions before 1.6.1 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more
Affected Products : php-shellcommand- Published: Dec. 30, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10892
An issue was discovered in D-Link DIR-806 devices. There is a stack-based buffer overflow in function hnap_main at /htdocs/cgibin. The function will call sprintf without checking the length of strings in parameters given by HTTP header and can be controll... Read more
- Published: Sep. 06, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10661
On Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account lacks a password.... Read more
- Published: Mar. 30, 2019
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-5986
Unspecified vulnerability in NVIDIA graphics driver Release 331, 325, 319, 310, and 304 has unknown impact and attack vectors, a different vulnerability than CVE-2013-5987.... Read more
Affected Products : gpu_driver- Published: Jan. 21, 2014
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-5843
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availabi... Read more
- Published: Oct. 16, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-5789
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a diffe... Read more
- Published: Oct. 16, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-5599
Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird E... Read more
- Published: Oct. 30, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2013-5592
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more
Affected Products : firefox- Published: Oct. 30, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2019-10611
Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snap... Read more
Affected Products : sa6155p_firmware sdm660_firmware sm8150_firmware sm8250_firmware sxr2130_firmware apq8096au_firmware qcs605_firmware apq8009_firmware msm8909w_firmware sdm429w_firmware +70 more products- Published: Jan. 21, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2013-5334
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5333.... Read more
Affected Products : shockwave_player- Published: Dec. 11, 2013
- Modified: Apr. 11, 2025
-
10.0
HIGHCVE-2019-10609
Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrag... Read more
Affected Products : sdx55_firmware sdm660_firmware sm8150_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware qcs605_firmware sdx24_firmware apq8009_firmware mdm9650_firmware +100 more products- Published: Apr. 16, 2020
- Modified: Nov. 21, 2024
-
10.0
HIGHCVE-2019-10594
Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voi... Read more
Affected Products : sdx55_firmware sdm660_firmware sm8150_firmware msm8996au_firmware apq8096au_firmware mdm9150_firmware qcs605_firmware sdx24_firmware apq8009_firmware mdm9650_firmware +98 more products- Published: Mar. 05, 2020
- Modified: Nov. 21, 2024