Remote Code Execution - 41401 CVEs (Page 273/346)

About “Remote Code Execution”

A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41401 CVEs for this tag (all time). In the last 365 days, 4734 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0

2012-09-13

Medium

CVE-2012-3710

WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a differe…

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3709

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3708

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3707

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3706

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3705

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3704

CVSS: 6.8 CWE: N/A View on NVD

High

CVE-2012-3703

CVSS: 8.3 CWE: N/A View on NVD

Medium

CVE-2012-3702

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3701

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3700

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3699

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3692

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3688

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3687

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3685

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3684

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3677

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3676

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3675

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3673

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3672

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3671

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3660

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3659

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3658

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3657

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3654

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3652

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3651

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3649

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3648

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3647

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3643

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3632

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3624

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3623

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3622

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3621

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3617

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3616

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3614

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3613

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3612

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2012-3607

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-3606

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-3602

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3601

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3598

CVSS: 6.8 CWE: N/A View on NVD

2012-09-09

Medium

CVE-2012-2316

Cross-site request forgery (CSRF) vulnerability in servlet/admin/AuthServlet.java in OpenKM 5.1.7 and other versions before 5.1.8-2 allows remote attackers to hijack the authentication of administrat…

CVSS: 6.8 CWE: CWE-352 - Cross-Site Request Forgery (CSRF) View on NVD

2012-09-08

High

CVE-2012-0254

Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterp…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD

2012-09-06

Critical

CVE-2012-4876

Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the Open…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-4875

Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2012-1468

Incomplete blacklist vulnerability in Open Journal Systems before 2.3.7 allows remote authenticated users with the Author Role permission to execute arbitrary code by uploading a file with an executa…

CVSS: 6.0 CWE: N/A View on NVD

Medium

CVE-2012-4866

Untrusted search path vulnerability in Xtreme RAT 3.5 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder a…

CVSS: 6.9 CWE: N/A View on NVD

Critical

CVE-2012-4865

Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to execute arbitrary code via a crafted .TMD file.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-4864

Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted xml file.

CVSS: 9.3 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD

2012-09-05

Medium

CVE-2012-4389

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and access…

CVSS: 6.8 CWE: N/A View on NVD

Medium

CVE-2012-3535

Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2011-3146

librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary…

CVSS: 6.8 CWE: N/A View on NVD

High

CVE-2010-4818

The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a cl…

CVSS: 8.5 CWE: CWE-20 - Improper Input Validation View on NVD

2012-09-04

Medium

CVE-2012-1605

The Extbase Framework in TYPO3 4.6.x through 4.6.6, 4.7, and 6.0 unserializes untrusted data, which allows remote attackers to unserialize arbitrary objects and possibly execute arbitrary code via ve…

CVSS: 5.0 CWE: N/A View on NVD

Critical

CVE-2012-2288

Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specif…

CVSS: 9.3 CWE: CWE-134 - Use of Externally-Controlled Format String View on NVD

Critical

CVE-2012-0275

Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a c…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-08-31

High

CVE-2012-4742

The web_node_register function in web.pm in PacketFence before 3.0.2 might allow remote attackers to execute arbitrary code via unspecified vectors.

CVSS: 7.5 CWE: N/A View on NVD

High

CVE-2012-2114

Stack-based buffer overflow in fprintf in musl before 0.8.8 and earlier allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long string to…

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2011-5148

Multiple incomplete blacklist vulnerabilities in the Simple File Upload (mod_simplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file…

CVSS: 6.8 CWE: N/A View on NVD

Critical

CVE-2010-5194

Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remot…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2010-5193

Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-4170

Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted file.

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-08-30

Medium

CVE-2011-5129

Heap-based buffer overflow in XChat 2.8.9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long response string.

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-3254

Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffe…

CVSS: 10.0 CWE: N/A View on NVD

Critical

CVE-2012-3253

Multiple unspecified vulnerabilities in HP Intelligent Management Center (IMC) before 5.0 E0101P05 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by an integer ov…

CVSS: 10.0 CWE: N/A View on NVD

2012-08-29

Medium

CVE-2012-3979

Mozilla Firefox before 15.0 on Android does not properly implement unspecified callers of the __android_log_print function, which allows remote attackers to execute arbitrary code via a crafted web p…

CVSS: 6.8 CWE: N/A View on NVD

High

CVE-2012-3973

The debugger in the developer-tools subsystem in Mozilla Firefox before 15.0, when remote debugging is disabled, does not properly restrict access to the remote-debugging service, which allows remote…

CVSS: 7.6 CWE: CWE-264 View on NVD

Critical

CVE-2012-3971

Summer Institute of Linguistics (SIL) Graphite 2, as used in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12, allows remote attackers to execute arbitrary code or caus…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-3970

Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and Sea…

CVSS: 10.0 CWE: CWE-399 View on NVD

Critical

CVE-2012-3969

Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaM…

CVSS: 9.3 CWE: CWE-189 View on NVD

Critical

CVE-2012-3968

Use-after-free vulnerability in the WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey bef…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-3967

The WebGL implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 on Linux, when a large…

CVSS: 9.3 CWE: CWE-787 - Out-of-bounds Write View on NVD

Critical

CVE-2012-3966

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allow remote attackers to execute arbitrary code or…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-3964

Use-after-free vulnerability in the gfxTextRun::GetUserData function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and S…

CVSS: 10.0 CWE: CWE-399 View on NVD

Critical

CVE-2012-3963

Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, a…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-3962

Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a…

CVSS: 9.3 CWE: N/A View on NVD

Critical

CVE-2012-3961

Use-after-free vulnerability in the RangeData implementation in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-3960

Use-after-free vulnerability in the mozSpellChecker::SetCurrentDictionary function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-3959

Use-after-free vulnerability in the nsRangeUpdater::SelAdjDeleteNode function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-3958

Use-after-free vulnerability in the nsHTMLEditRules::DeleteNonTableElements function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x befo…

CVSS: 10.0 CWE: CWE-399 View on NVD

Critical

CVE-2012-3957

Heap-based buffer overflow in the nsBlockFrame::MarkLineDirty function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and…

CVSS: 10.0 CWE: CWE-787 - Out-of-bounds Write View on NVD

Critical

CVE-2012-3956

Use-after-free vulnerability in the MediaStreamGraphThreadRunnable::Run function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 1…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-1976

Use-after-free vulnerability in the nsHTMLSelectElement::SubmitNamesValues function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x befor…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-1975

Use-after-free vulnerability in the PresShell::CompleteMove function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and S…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-1974

Use-after-free vulnerability in the gfxTextRun::CanBreakLineBefore function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-1973

Use-after-free vulnerability in the nsObjectLoadingContent::LoadObject function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-1972

Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x befo…

CVSS: 10.0 CWE: CWE-416 - Use After Free View on NVD

Critical

CVE-2012-1971

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Thunderbird before 15.0, and SeaMonkey before 2.12 allow remote attackers to cause a denial of service (memo…

CVSS: 9.3 CWE: N/A View on NVD

Critical

CVE-2012-1970

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey b…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

2012-08-28

Critical

CVE-2012-4681

Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses S…

CVSS: 9.8 CWE: CWE-284 - Improper Access Control View on NVD

2012-08-27

Medium

CVE-2012-3418

libpcp in Performance Co-Pilot (PCP) before 3.6.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a PDU with the numcreds field value greater than the…

CVSS: 5.0 CWE: CWE-189 View on NVD

2012-08-26

Medium

CVE-2012-1175

Integer overflow in the GnashImage::size method in libbase/GnashImage.h in GNU Gnash 0.8.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a craf…

CVSS: 6.8 CWE: CWE-189 View on NVD

Critical

CVE-2011-5127

Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequentl…

CVSS: 10.0 CWE: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') View on NVD

Critical

CVE-2011-5124

Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packe…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

High

CVE-2012-2289

EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender Web Access .NET before 6.5 SP2 allow remote attackers to upload files to any location, and possibly execute arbitrary code, via un…

CVSS: 7.5 CWE: CWE-264 View on NVD

2012-08-25

Medium

CVE-2012-3481

Integer overflow in the ReadImage function in plug-ins/common/file-gif-load.c in the GIF image format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service (applicati…

CVSS: 6.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD

Medium

CVE-2012-3480

Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users t…

CVSS: 4.6 CWE: CWE-189 View on NVD

Medium

CVE-2012-3403

Heap-based buffer overflow in the KiSS CEL file format plug-in in GIMP 2.8.x and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted KiSS pa…

CVSS: 6.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

Medium

CVE-2012-3402

Integer overflow in plug-ins/common/psd.c in the Adobe Photoshop PSD plugin in GIMP 2.2.13 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a c…

CVSS: 6.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD

2012-08-23

Critical

CVE-2012-4337

Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number durin…

CVSS: 9.3 CWE: N/A View on NVD

2012-08-22

Critical

CVE-2012-4599

McAfee SmartFilter Administration, and SmartFilter Administration Bess Edition, before 4.2.1.01 does not require authentication for access to the JBoss Remote Method Invocation (RMI) interface, which…

CVSS: 10.0 CWE: CWE-287 - Improper Authentication View on NVD

Critical

CVE-2012-4598

An unspecified ActiveX control in McAfee Virtual Technician (MVT) before 6.4, and ePO-MVT, allows remote attackers to execute arbitrary code or cause a denial of service (Internet Explorer crash) via…

CVSS: 9.3 CWE: N/A View on NVD

Critical

CVE-2012-2864

Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Medium

CVE-2010-3499

F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via ma…

CVSS: 6.4 CWE: CWE-264 View on NVD

Medium

CVE-2010-3498

AVG Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware…

CVSS: 6.4 CWE: CWE-264 View on NVD

Medium

CVE-2010-3497

Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary…

CVSS: 6.4 CWE: CWE-264 View on NVD

Medium

CVE-2010-3496

McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute…

CVSS: 6.4 CWE: CWE-264 View on NVD

2012-08-21

Critical

CVE-2012-4167

Integer overflow in Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android…

CVSS: 10.0 CWE: CWE-189 View on NVD

Critical

CVE-2012-4165

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and be…

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-4164

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-4163

CVSS: 10.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD

Critical

CVE-2012-4363

Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF docume…

CVSS: 9.3 CWE: N/A View on NVD