CVEs from 2012
Total
5,200
critical
critical 963
high
high 747
medium
medium 2,885
low
low 530
% Critical
18.5%
% with KEV
0.4%
% with exploit
16.7%
Top vendors
Top products
- chrome 7,005
- safari 6,451
- itunes 4,416
- firefox 4,272
- seamonkey 3,619
- opera_browser 3,599
- mysql 2,827
- thunderbird 2,165
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-0142 | critical | — | 9.3 | 14y ago | Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of fil… | |||
| CVE-2012-0141 | critical | — | 9.3 | 14y ago | Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of fil… | |||
| CVE-2012-0018 | critical | — | 9.3 | 14y ago | Microsoft Visio Viewer 2010 Gold and SP1 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "VSD File Format Memory … | |||
| CVE-2012-0736 | critical | — | 9.3 | 14y ago | IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which allows remote attackers to execute arbitrary code via a crafted web site. | |||
| CVE-2012-1819 | critical | — | 9.3 | 14y ago | Untrusted search path vulnerability in WellinTech KingView 6.53 allows local users to gain privileges via a Trojan horse DLL in the current working directory. | |||
| CVE-2012-0269 | critical | — | 9.3 | 14y ago | Buffer overflow in JustSystems Ichitaro 2011 Sou, Ichitaro 2006 through 2011, Ichitaro Government 2006 through 2010, Ichitaro Portable with oreplug, Ichitaro Viewer, JUST School, JUST School 2009 and… | |||
| CVE-2012-1144 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or… | |||
| CVE-2012-1142 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or… | |||
| CVE-2012-1141 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1140 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1139 | critical | — | 9.3 | 14y ago | Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and … | |||
| CVE-2012-1138 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1137 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1136 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or… | |||
| CVE-2012-1135 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1134 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or… | |||
| CVE-2012-1133 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or… | |||
| CVE-2012-1132 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1131 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, on 64-bit platforms allows remote attackers to cause a denial of service (invalid heap read operation and me… | |||
| CVE-2012-1130 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1129 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-1128 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or pos… | |||
| CVE-2012-1127 | critical | — | 9.3 | 14y ago | FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or … | |||
| CVE-2012-0478 | critical | — | 9.3 | 14y ago | The texImage2D implementation in the WebGL subsystem in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonk… | |||
| CVE-2012-0472 | critical | — | 9.3 | 14y ago | The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when c… | |||
| CVE-2012-1499 | critical | — | 9.3 | 14y ago | The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, ak… | |||
| CVE-2012-0177 | critical | — | 9.3 | 14y ago | Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6-9 File Converter allows remote attackers to execute arbitrary code via a crafted Works… | |||
| CVE-2012-0172 | critical | — | 9.3 | 14y ago | Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Style Remote Code E… | |||
| CVE-2012-0171 | critical | — | 9.3 | 14y ago | Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "SelectAll Remote Code E… | |||
| CVE-2012-0170 | critical | — | 9.3 | 14y ago | Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnReadyStateChange Remote C… | |||
| CVE-2012-0169 | critical | — | 9.3 | 14y ago | Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "JScript9 Remote Code Execution Vu… | |||
| CVE-2012-0725 | critical | — | 9.3 | 14y ago | Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vec… | |||
| CVE-2012-0724 | critical | — | 9.3 | 14y ago | Adobe Flash Player before 11.2.202.229 in Google Chrome before 18.0.1025.151 allow attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vec… | |||
| CVE-2012-1337 | critical | — | 9.3 | 14y ago | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to exec… | |||
| CVE-2012-1336 | critical | — | 9.3 | 14y ago | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to exec… | |||
| CVE-2012-1335 | critical | — | 9.3 | 14y ago | Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to exec… | |||
| CVE-2012-0246 | critical | — | 9.3 | 14y ago | Directory traversal vulnerability in an unspecified ActiveX control in Ecava IntegraXor before 3.71.4200 allows remote attackers to execute arbitrary code via vectors involving an HTML document on th… | |||
| CVE-2012-0773 | critical | — | 9.3 | 14y ago | The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Fla… | |||
| CVE-2012-1845 | critical | — | 9.3 | 14y ago | Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the DEP and ASLR protection mechanisms, and execute arbitrary code, via unspecified vectors, as… | |||
| CVE-2012-0402 | critical | — | 9.3 | 14y ago | EMC RSA enVision 4.x before 4.1 Patch 4 uses unspecified hardcoded credentials, which makes it easier for remote attackers to obtain access via unknown vectors. | |||
| CVE-2012-1776 | critical | — | 9.3 | 14y ago | Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted… | |||
| CVE-2012-1264 | critical | — | 9.3 | 14y ago | Unspecified vulnerability in Gretech GOM Media Player before 2.1.37.5091 allows remote attackers to execute arbitrary code via a crafted AVI file. | |||
| CVE-2012-0358 | critical | — | 9.3 | 14y ago | Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw… | |||
| CVE-2012-0457 | critical | — | 9.3 | 14y ago | Use-after-free vulnerability in the nsSMILTimeValueSpec::ConvertBetweenTimeContainer function in Mozilla Firefox before 3.6.28 and 4.x through 10.0, Firefox ESR 10.x before 10.0.3, Thunderbird before… | |||
| CVE-2012-0646 | critical | — | 9.3 | 14y ago | Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file. | |||
| CVE-2012-0643 | critical | — | 9.3 | 14y ago | The kernel in Apple iOS before 5.1 does not properly handle debug system calls, which allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a crafted program. | |||
| CVE-2012-0642 | critical | — | 9.3 | 14y ago | Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image. | |||
| CVE-2012-0635 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0633 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0632 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0631 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0630 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0629 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0628 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0627 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0626 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0625 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0624 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0623 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0622 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0621 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0620 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0619 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0618 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0617 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0616 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0615 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0614 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0613 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0612 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0611 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0610 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0609 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0607 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0606 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0605 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0604 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0603 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0602 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0601 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0600 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0599 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0598 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0597 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0596 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0595 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0594 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0593 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0592 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0591 | critical | — | 9.3 | 14y ago | WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted … | |||
| CVE-2012-0371 | critical | — | 9.3 | 14y ago | Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unsp… | |||
| CVE-2012-1206 | critical | — | 9.3 | 15y ago | Multiple integer overflows in Hancom Office 2010 SE 8.5.5 allow remote attackers to execute arbitrary code via large dimension values in a (1) JPG image to the ImportGR in the JPG image filter module… | |||
| CVE-2012-0315 | critical | — | 9.3 | 15y ago | Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as… | |||
| CVE-2012-0223 | critical | — | 9.3 | 15y ago | Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 and earlier allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerabi… | |||
| CVE-2012-0224 | critical | — | 9.3 | 15y ago | Untrusted search path vulnerability in 7-Technologies (7T) AQUIS 1.5 and earlier allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerabili… | |||
| CVE-2012-1197 | critical | — | 9.3 | 15y ago | Integer overflow in the IDE_ACDStd.apl module for ACDSee 14.1 Build 137 allows remote attackers to execute arbitrary code via crafted "image dimension values" in a BMP file, which triggers a heap-bas… | |||
| CVE-2012-0756 | critical | — | 9.3 | 15y ago | Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac… | |||
| CVE-2012-0755 | critical | — | 9.3 | 15y ago | Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac… | |||
| CVE-2012-0753 | critical | — | 9.3 | 15y ago | Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac… | |||
| CVE-2012-0752 | critical | — | 9.3 | 15y ago | Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attac… |