CVEs from 2012
Total
5,235
critical
critical 963
high
high 747
medium
medium 2,885
low
low 530
% Critical
18.4%
% with KEV
0.4%
% with exploit
0.5%
Top vendors
Top products
- chrome 7,005
- safari 6,451
- itunes 4,416
- firefox 4,272
- seamonkey 3,619
- opera_browser 3,599
- mysql 2,827
- thunderbird 2,165
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2012-6695 | critical | — | 10.0 | 11y ago | GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1 has a password of ddpadmin for the ddpadmin user, which has unspecified impact and attack vectors. NOTE: it is not clear whether this password… | |
| CVE-2012-6694 | critical | — | 10.0 | 11y ago | GE Healthcare Centricity PACS Workstation 4.0 and 4.0.1, and Server 4.0, has a password of 2charGE for the geservice account, which has unspecified impact and attack vectors related to TimbuktuPro. … | |
| CVE-2012-6693 | critical | — | 10.0 | 11y ago | GE Healthcare Centricity PACS 4.0 Server has a default password of (1) nasro for the nasro (ReadOnly) user and (2) nasrw for the nasrw (Read/Write) user, which has unspecified impact and attack vecto… | |
| CVE-2012-6660 | critical | — | 10.0 | 11y ago | GE Healthcare Precision MPi has a password of (1) orion for the serviceapp user, (2) orion for the clinical operator user, and (3) PlatinumOne for the administrator user, which has unspecified impact… | |
| CVE-2012-5106 | critical | — | 10.0 | 12y ago | Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command. | |
| CVE-2012-5390 | critical | — | 10.0 | 12y ago | The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privil… | |
| CVE-2012-1166 | critical | — | 10.0 | 12y ago | The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote attackers to execute arbitrary commands via the KP_RETURN keybinding, which launches a terminal window. | |
| CVE-2012-6429 | critical | — | 10.0 | 12y ago | Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the pass… | |
| CVE-2012-4886 | critical | — | 10.0 | 12y ago | Stack-based buffer overflow in wpsio.dll in Kingsoft WPS Office 2012 possibly 8.1.0.3238 allows remote attackers to execute arbitrary code via a long BSTR string. | |
| CVE-2012-0264 | critical | — | 10.0 | 13y ago | op5 Monitor and op5 Appliance before 5.5.0 do not properly manage session cookies, which allows remote attackers to have an unspecified impact via unspecified vectors. | |
| CVE-2012-0262 | critical | — | 10.0 | 13y ago | op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the password paramet… | |
| CVE-2012-0261 | critical | — | 10.0 | 13y ago | license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the timestamp parameter for a… | |
| CVE-2012-0434 | critical | — | 10.0 | 13y ago | The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors. | |
| CVE-2012-6603 | critical | — | 10.0 | 13y ago | The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via … | |
| CVE-2012-6601 | critical | — | 10.0 | 13y ago | The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified … | |
| CVE-2012-6593 | critical | — | 10.0 | 13y ago | Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088. | |
| CVE-2012-6592 | critical | — | 10.0 | 13y ago | Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091. | |
| CVE-2012-6570 | critical | — | 10.0 | 13y ago | The HTTP module in the (1) Branch Intelligent Management System (BIMS) and (2) web management components on Huawei AR routers and S2000, S3000, S3500, S3900, S5100, S5600, S7800, and S8500 switches d… | |
| CVE-2012-4697 | critical | — | 10.0 | 13y ago | TURCK BL20 Programmable Gateway and BL67 Programmable Gateway have hardcoded accounts, which allows remote attackers to obtain administrative access via an FTP session. | |
| CVE-2012-6552 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in admin/action.php in phpVMS 2.1.x before 2.1.935 has unknown impact and attack vectors. | |
| CVE-2012-4715 | critical | — | 10.0 | 13y ago | Buffer overflow in LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9-SR4, CPR9-SR5, CPR9-SR5.1, and CPR9-SR6 allows remote attackers to cause a denial … | |
| CVE-2012-4702 | critical | — | 10.0 | 13y ago | 360 Systems Maxx, Image Server Maxx, and Image Server 2000 have a hardcoded password for the root account, which makes it easier for remote attackers to execute arbitrary code, or modify video conten… | |
| CVE-2012-5209 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary… | |
| CVE-2012-5201 | critical | — | 10.0 | 13y ago | Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary… | |
| CVE-2012-6275 | critical | — | 10.0 | 13y ago | Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the… | |
| CVE-2012-4708 | critical | — | 10.0 | 13y ago | Stack-based buffer overflow in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. | |
| CVE-2012-4707 | critical | — | 10.0 | 13y ago | 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors that trigger an out-of-bounds memory access. | |
| CVE-2012-4705 | critical | — | 10.0 | 13y ago | Directory traversal vulnerability in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via vectors involving a crafted pathname. | |
| CVE-2012-4704 | critical | — | 10.0 | 13y ago | Array index error in 3S CODESYS Gateway-Server before 2.3.9.27 allows remote attackers to execute arbitrary code via a crafted packet. | |
| CVE-2012-4711 | critical | — | 10.0 | 14y ago | Buffer overflow in kingMess.exe 65.20.2003.10300 in WellinTech KingView 6.52, kingMess.exe 65.20.2003.10400 in KingView 6.53, and kingMess.exe 65.50.2011.18049 in KingView 6.55 allows remote attacker… | |
| CVE-2012-5188 | critical | — | 10.0 | 14y ago | Untrusted search path vulnerability in mora Downloader before 1.0.0.1 allows remote attackers to trigger the launch of a .exe file via unspecified vectors. | |
| CVE-2012-3285 | critical | — | 10.0 | 14y ago | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513. | |
| CVE-2012-3284 | critical | — | 10.0 | 14y ago | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512. | |
| CVE-2012-3283 | critical | — | 10.0 | 14y ago | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1511. | |
| CVE-2012-3282 | critical | — | 10.0 | 14y ago | Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1468. | |
| CVE-2012-4301 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a diff… | |
| CVE-2012-3342 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, a… | |
| CVE-2012-3213 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, a… | |
| CVE-2012-1541 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, a… | |
| CVE-2012-5965 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.… | |
| CVE-2012-5964 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.… | |
| CVE-2012-5963 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.… | |
| CVE-2012-5962 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.… | |
| CVE-2012-5961 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.… | |
| CVE-2012-5960 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) be… | |
| CVE-2012-5959 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) be… | |
| CVE-2012-5958 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) be… | |
| CVE-2012-3278 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet. | |
| CVE-2012-6437 | critical | — | 10.0 | 14y ago | The device does not properly authenticate users and the potential exists for a remote user to upload a new firmware image to the Ethernet card, whether it is a corrupt or legitimate firmware image. S… | |
| CVE-2012-6503 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the NinjaXplorer component before 1.0.7 for Joomla! has unknown impact and attack vectors. | |
| CVE-2012-6069 | critical | 10.0 | 10.0 | 14y ago | The CoDeSys Runtime Toolkit’s file transfer functionality does not perform input validation, which allows an attacker to access files and directories outside the intended scope. This may allow an a… | |
| CVE-2012-6392 | critical | — | 10.0 | 14y ago | Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate authentication and authorization requests in TCP sessions, which allows remote attackers to execute arb… | |
| CVE-2012-3174 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in Oracle Java 7 before Update 11 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013… | |
| CVE-2012-1530 | critical | — | 10.0 | 14y ago | Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of … | |
| CVE-2012-2379 | critical | — | 10.0 | 14y ago | XML Signature/Encryption Not Validated in Apache CXF | |
| CVE-2012-6299 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to bypass intended access restrictions via unknown vectors. | |
| CVE-2012-6298 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in CA IdentityMinder r12.0 through CR16, r12.5 before SP15, and r12.6 GA allows remote attackers to execute arbitrary commands or modify data via unknown vectors. | |
| CVE-2012-0432 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors. | |
| CVE-2012-5932 | critical | — | 10.0 | 14y ago | Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code… | |
| CVE-2012-0411 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action. | |
| CVE-2012-6428 | critical | — | 10.0 | 14y ago | The Carlo Gavazzi EOS-Box stores hard-coded passwords in the PHP file of the device. By using the hard-coded passwords, attackers can log into the device with administrative privileges. This coul… | |
| CVE-2012-3002 | critical | — | 10.0 | 14y ago | The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to … | |
| CVE-2012-1714 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in a TList 6 ActiveX control in Oracle Hyperion Financial Management 11.1.1.4 and 11.1.2.1.104 allows remote attackers to execute arbitrary code via unknown vectors. | |
| CVE-2012-1712 | critical | — | 10.0 | 14y ago | Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors. | |
| CVE-2012-5955 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the IBM HTTP Server component 5.3 in IBM WebSphere Application Server (WAS) for z/OS allows remote attackers to execute arbitrary commands via unknown vectors. | |
| CVE-2012-5680 | critical | — | 10.0 | 14y ago | Buffer overflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors. | |
| CVE-2012-5678 | critical | — | 10.0 | 14y ago | Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, b… | |
| CVE-2012-5677 | critical | — | 10.0 | 14y ago | Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2… | |
| CVE-2012-5676 | critical | — | 10.0 | 14y ago | Buffer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.… | |
| CVE-2012-5144 | critical | — | 10.0 | 14y ago | Google Chrome before 23.0.1271.97, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.5, do not properly perform AAC decoding, which allows remote attackers to cause a denial of service (stack memory … | |
| CVE-2012-5143 | critical | — | 10.0 | 14y ago | Integer overflow in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PPAPI image buffers. | |
| CVE-2012-5142 | critical | — | 10.0 | 14y ago | Google Chrome before 23.0.1271.97 does not properly handle history navigation, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified… | |
| CVE-2012-5141 | critical | — | 10.0 | 14y ago | Google Chrome before 23.0.1271.97 does not properly restrict instantiation of the Chromoting client plug-in, which has unspecified impact and attack vectors. | |
| CVE-2012-5140 | critical | — | 10.0 | 14y ago | Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the URL loader. | |
| CVE-2012-5139 | critical | — | 10.0 | 14y ago | Use-after-free vulnerability in Google Chrome before 23.0.1271.97 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to visibility even… | |
| CVE-2012-4786 | critical | — | 10.0 | 14y ago | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 201… | |
| CVE-2012-5973 | critical | — | 10.0 | 14y ago | CA XCOM Data Transport r11.0 and r11.5 on UNIX and Linux allows remote attackers to execute arbitrary commands via a crafted request. | |
| CVE-2012-3275 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors. | |
| CVE-2012-3274 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in uam.exe in the User Access Manager (UAM) component in HP Intelligent Management Center (IMC) before 5.1 E0101P01 allows remote attackers to execute arbitrary code via v… | |
| CVE-2012-6067 | critical | — | 10.0 | 14y ago | freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnec… | |
| CVE-2012-5138 | critical | — | 10.0 | 14y ago | Google Chrome before 23.0.1271.95 does not properly handle file paths, which has unspecified impact and attack vectors. | |
| CVE-2012-5137 | critical | — | 10.0 | 14y ago | Use-after-free vulnerability in Google Chrome before 23.0.1271.95 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the Media Sourc… | |
| CVE-2012-6046 | critical | — | 10.0 | 14y ago | Static code injection vulnerability in admin/banners.php in PHP Enter allows remote attackers to inject arbitrary PHP code into horad.php via the code parameter. | |
| CVE-2012-5863 | critical | — | 10.0 | 14y ago | These Sinapsi devices do not check for special elements in commands sent to the system. By accessing certain pages with administrative privileges that do not require authentication within the devic… | |
| CVE-2012-5862 | critical | — | 10.0 | 14y ago | These Sinapsi devices store hard-coded passwords in the PHP file of the device. By using the hard-coded passwords in the device, attackers can log into the device with administrative privileges. Th… | |
| CVE-2012-5835 | critical | — | 10.0 | 14y ago | Integer overflow in the WebGL subsystem in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows… | |
| CVE-2012-4218 | critical | — | 10.0 | 14y ago | Use-after-free vulnerability in the BuildTextRunsScanner::BreakSink::SetBreaks function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to e… | |
| CVE-2012-4212 | critical | — | 10.0 | 14y ago | Use-after-free vulnerability in the XPCWrappedNative::Mark function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary cod… | |
| CVE-2012-4944 | critical | — | 10.0 | 14y ago | Multiple unrestricted file upload vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to execute arbitrary code by uploading a file via an unspecified … | |
| CVE-2012-4959 | critical | — | 10.0 | 14y ago | Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of… | |
| CVE-2012-4956 | critical | — | 10.0 | 14y ago | Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record. | |
| CVE-2012-5896 | critical | — | 10.0 | 14y ago | The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrar… | |
| CVE-2012-5895 | critical | — | 10.0 | 14y ago | Multiple unspecified vulnerabilities in iRODS before 3.1 have unknown impact and attack vectors. | |
| CVE-2012-5673 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 o… | |
| CVE-2012-5287 | critical | — | 10.0 | 14y ago | Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android … | |
| CVE-2012-5286 | critical | — | 10.0 | 14y ago | Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android … | |
| CVE-2012-5285 | critical | — | 10.0 | 14y ago | Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android … | |
| CVE-2012-4505 | critical | — | 10.0 | 14y ago | Heap-based buffer overflow in the px_pac_reload function in lib/pac.c in libproxy 0.2.x and 0.3.x allows remote servers to have an unspecified impact via a crafted Content-Length size in an HTTP resp… | |
| CVE-2012-4504 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the url::get_pac function in url.cpp in libproxy 0.4.x before 0.4.9 allows remote servers to have an unspecified impact via a large proxy.pac file. | |
| CVE-2012-3270 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in HP Performance Insight 5.31, 5.40, and 5.41, when Sybase is used, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via u… |