VIR Vulnerability Intelligence Relay

Search

Found 1,574 results in 428ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2017-3248 critical 9.8 10.0 EXP oracle 10y ago Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. …
CVE-2017-3241 critical 9.0 10.0 EXPFIX slesdebian debian oracle 10y ago Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u…
CVE-2016-7567 critical 9.8 10.0 EXP sles openslp 10y ago Buffer overflow in the SLPFoldWhiteSpace function in common/slp_compare.c in OpenSLP 2.0 allows remote attackers to have unspecified impact via a crafted string.
CVE-2016-6603 critical 9.8 10.0 EXP zohocorp 10y ago ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and impersonate arbitrary users via the UserName HTTP header.
CVE-2016-6602 critical 9.8 10.0 EXP zohocorp 10y ago ZOHO WebNMS Framework 5.2 and 5.2 SP1 use a weak obfuscation algorithm to store passwords, which allows context-dependent attackers to obtain cleartext passwords by leveraging access to WEB-INF/conf/…
CVE-2016-6600 critical 9.8 10.0 EXP zohocorp 10y ago Directory traversal vulnerability in the file upload functionality in ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to upload and execute arbitrary JSP files via a .. (dot dot) in the…
CVE-2016-4010 critical 9.8 10.0 EXP magento 10y ago Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
CVE-2016-9299 critical 9.8 10.0 EXP fedora fedora jenkins 10y ago Improper Neutralization of Special Elements used in an LDAP Query in Jenkins
CVE-2015-4594 critical 9.8 10.0 EXP eclinicalworks 10y ago eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When authenticating a user, the application does not assign a new session ID, making it possible to use an exist…
CVE-2016-10108 critical 9.8 10.0 EXP western_digital 10y ago Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 /web/google_analytics.php URL via a modified arg parameter in the POST data.
CVE-2016-10074 critical 9.8 10.0 EXPFIX debian debian swiftmailer 10y ago Swift Mailer mail transport Command Injection
CVE-2016-10045 critical 9.8 10.0 EXPFIX arch archdebian debian phpmailer_projectwordpressjoomla 10y ago Remote code execution in PHPMailer
CVE-2016-10034 critical 9.8 10.0 EXP zend 10y ago zend-mail remote code execution via Sendmail adapter
CVE-2016-7456 critical 9.8 10.0 EXP vmware 10y ago VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session.
CVE-2016-9565 critical 9.8 10.0 EXP nagios 10y ago MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote attackers to read or write to arbitrary files by spoofing a crafted response from the Nagios RSS feed serv…
CVE-2016-7866 critical 9.8 10.0 EXP adobe 10y ago Adobe Animate versions 15.2.1.95 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2016-9796 critical 9.8 10.0 EXP alcatel-lucent 10y ago Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista i…
CVE-2016-9150 critical 9.8 10.0 EXP 10y ago Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 …
CVE-2016-8869 critical 9.8 10.0 EXP joomla 10y ago The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use o…
CVE-2016-8582 critical 9.8 10.0 EXP alienvault 10y ago A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via…
CVE-2016-8580 critical 9.8 10.0 EXP alienvault 10y ago PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM before 5.3.2. These vulnerabilities allow arbitrary PHP code execution via magic methods in included cl…
CVE-2016-7182 critical 9.8 10.0 EXP windows windows microsoft 10y ago The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607…
CVE-2016-1000125 critical 9.8 10.0 EXP huge-it 10y ago Unauthenticated SQL Injection in Huge-IT Catalog v1.0.7 for Joomla
CVE-2016-1000124 critical 9.8 10.0 EXP huge-it 10y ago Unauthenticated SQL Injection in Huge-IT Portfolio Gallery Plugin v1.0.6
CVE-2016-1000123 critical 9.8 10.0 EXP huge-it 10y ago Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla
CVE-2016-6662 critical 9.8 10.0 EXP slesdebian debian rhel oracleperconamariadb 10y ago Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x befo…
CVE-2016-3325 low 3.1 4.1 EXP microsoft 10y ago Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Browser Information Disclosure Vulnerability."
CVE-2016-5678 critical 9.8 10.0 EXP 10y ago NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have hardcoded root credentials, which allows remote attackers to obtain administrative access via unspecified vectors.
CVE-2016-5675 critical 9.8 10.0 EXP netgearnuuo 10y ago handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0, NUUO Crystal 2.2.1 through 3.2.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remot…
CVE-2016-5674 critical 9.8 10.0 EXP netgear 10y ago __debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through 3.0.0, and NETGEAR ReadyNAS Surveillance 1.1.1 through 1.4.1 allows remote attackers to execute arbit…
CVE-2016-6195 critical 9.8 10.0 EXP vbulletin 10y ago SQL injection vulnerability in forumrunner/includes/moderation.php in vBulletin before 4.2.2 Patch Level 5 and 4.2.3 before Patch Level 1 allows remote attackers to execute arbitrary SQL commands via…
CVE-2016-6909 critical 9.8 10.0 EXP 10y ago Buffer overflow in the Cookie parser in Fortinet FortiOS 4.x before 4.1.11, 4.2.x before 4.2.13, and 4.3.x before 4.3.9 and FortiSwitch before 3.4.3 allows remote attackers to execute arbitrary code …
CVE-2016-3321 low 2.5 3.5 EXP microsoft 10y ago Microsoft Internet Explorer 10 and 11 load different files for attempts to open a file:// URL depending on whether the file exists, which allows local users to enumerate files via vectors involving a…
CVE-2016-3078 critical 9.8 10.0 EXP sles php 10y ago Multiple integer overflows in php_zip.c in the zip extension in PHP before 7.0.6 allow remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly hav…
CVE-2016-3510 critical 9.8 10.0 EXP oracle 10y ago Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availa…
CVE-2016-4372 critical 9.8 10.0 EXP hp 10y ago HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC NTA before 7.2 E0401P01, iMC BIMS before 7.2 E0402P02, and iMC UAM_TAM before 7.2 E0405P05 allow remote…
CVE-2016-4208 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attacker…
CVE-2016-4207 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attacker…
CVE-2016-4206 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attacker…
CVE-2016-4205 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attacker…
CVE-2016-4204 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attacker…
CVE-2016-4203 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attacker…
CVE-2016-4201 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attacker…
CVE-2016-5734 critical 9.8 10.0 EXPFIX debian debian phpmyadmin 10y ago phpMyAdmin Code Injection vulnerability
CVE-2016-5228 critical 9.8 10.0 EXP microfocus 10y ago Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers t…
CVE-2016-1606 critical 9.8 10.0 EXP microfocus 10y ago Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXS…
CVE-2016-3645 critical 9.8 10.0 EXP symantec 10y ago Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Data Center Security:Server (SDCS:S) 6.x through 6.6 MP1; Symantec Web …
CVE-2016-4138 critical 9.8 10.0 EXP sles rhelmacos macos adobe 10y ago Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack…
CVE-2016-3236 critical 9.8 10.0 EXP windows windows 10y ago The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT…
CVE-2016-5108 critical 9.8 10.0 EXPFIX slesdebian debian videolan 10y ago Buffer overflow in the DecodeAdpcmImaQT function in modules/codec/adpcm.c in VideoLAN VLC media player before 2.2.4 allows remote attackers to cause a denial of service (crash) or possibly execute ar…
CVE-2016-3087 critical 9.8 10.0 EXP apache 10y ago Apache Struts vulnerable to arbitrary remote code execution due to improper input validation
CVE-2016-4486 low 3.3 4.3 EXPFIX slesdebian debianubuntu ubuntu novell 10y ago The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from …
CVE-2016-4071 critical 9.8 10.0 EXP slesmacos macos php 10y ago Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote attackers to execute arbitrary code via for…
CVE-2016-2208 critical 9.1 10.0 EXP symantec 10y ago The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system …
CVE-2015-6835 critical 9.8 10.0 EXP php 10y ago The session deserializer in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 mishandles multiple php_var_unserialize calls, which allow remote attackers to execute arbitrary code or ca…
CVE-2015-6834 critical 9.8 10.0 EXP php 10y ago Multiple use-after-free vulnerabilities in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 allow remote attackers to execute arbitrary code via vectors related to (1) the Serializable…
CVE-2016-2298 critical 9.8 10.0 EXP meteocontrol 10y ago Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited allows remote attackers to obtain sensitive cleartext information via unspecified vectors.
CVE-2016-2296 critical 9.4 10.0 EXP meteocontrol 10y ago Meteocontrol WEB'log Basic 100, Light, Pro, and Pro Unlimited does not require authentication for "post-admin" login pages, which allows remote attackers to obtain sensitive information or modify dat…
CVE-2016-1209 critical 9.8 10.0 EXP ninjaforms 10y ago The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
CVE-2016-1077 critical 9.8 10.0 EXP macos macos adobe 10y ago Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attacker…
CVE-2016-4534 low 3.0 4.0 EXP mcafee 10y ago The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.8.0.1546) on Windows allows local administrators to bypass intended self-protection rules and…
CVE-2016-3716 low 3.3 4.3 EXPFIX debian debian rhelubuntu ubuntu imagemagick 10y ago The MSL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to move arbitrary files via a crafted image.
CVE-2016-3074 critical 9.8 10.0 EXPFIX slesdebian debiansuse suse libgdphp 10y ago Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed g…
CVE-2016-2004 critical 9.8 10.0 EXP hp 10y ago HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allow remote attackers to execute arbitrary code via unspecified vectors related to lack of authentication. NOTE: this vulner…
CVE-2016-2417 critical 9.8 10.0 EXP 10y ago media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows atta…
CVE-2016-3987 critical 9.8 10.0 EXP trendmicro 10y ago The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB.
CVE-2016-2385 critical 9.8 10.0 EXPFIX debian debian kamailio 10y ago Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memo…
CVE-2016-2851 critical 9.8 10.0 EXPFIX slesdebian debiansuse suse cypherpunks 10y ago Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a s…
CVE-2016-2563 critical 9.8 10.0 EXPFIX slesdebian debian 9bissimon_tatham 10y ago Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service (stack memory corruption) or execute…
CVE-2016-3974 critical 9.1 10.0 EXP sap 10y ago XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access…
CVE-2016-1741 critical 9.8 10.0 EXP macos macos 10y ago The NVIDIA driver in the Graphics Drivers subsystem in Apple OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) vi…
CVE-2016-2345 critical 9.8 10.0 EXP dameware 10y ago Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string.
CVE-2016-0954 critical 9.8 10.0 EXP adobe 10y ago Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
CVE-2016-1524 critical 9.6 10.0 EXP netgear 11y ago Multiple unrestricted file upload vulnerabilities in NETGEAR Management System NMS300 1.5.0.11 and earlier allow remote attackers to execute arbitrary Java code by using (1) fileUpload.do or (2) lib-…
CVE-2016-1287 critical 9.8 10.0 EXP 11y ago Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7),…
CVE-2016-0953 critical 9.8 10.0 EXP macos macos adobe 11y ago Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspeci…
CVE-2016-0952 critical 9.8 10.0 EXP macos macos adobe 11y ago Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspeci…
CVE-2016-0951 critical 9.8 10.0 EXP macos macos adobe 11y ago Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspeci…
CVE-2016-0801 critical 9.8 10.0 EXPFIX debian debianmacos macos 11y ago The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service …
CVE-2015-8617 critical 9.8 10.0 EXP php 11y ago Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via format string specifiers in a …
CVE-2016-1909 critical 9.8 10.0 EXP 11y ago Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.2.16, 4.3.x before 4.3.17 a…
CVE-2016-0854 critical 9.8 10.0 EXP advantech 11y ago Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 allows remote attackers to …
CVE-2015-8396 critical 10.0 10.0 EXPFIX debian debian malaterre 11y ago Integer overflow in the ImageRegionReader::ReadIntoBuffer function in MediaStorageAndFileFormat/gdcmImageRegionReader.cxx in Grassroots DICOM (aka GDCM) before 2.6.2 allows attackers to execute arbit…
CVE-2015-8261 critical 9.8 10.0 EXP progress 11y ago The DroneDeleteOldMeasurements implementation in Ipswitch WhatsUp Gold before 16.4 does not properly validate serialized XML objects, which allows remote attackers to conduct SQL injection attacks vi…
CVE-2015-6018 critical 9.8 10.0 EXP 11y ago The diagnostic-ping implementation on ZyXEL PMG5318-B20A devices with firmware before 1.00(AANC.2)C0 allows remote attackers to execute arbitrary commands via the PingIPAddr parameter.
CVE-2015-5995 critical 9.8 10.0 EXP 11y ago Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 and Tenda N3 Wireless N150 devices allow remote attackers to obtain administrative access via a certain admin substring in an HTTP Coo…
CVE-2015-7251 critical 9.8 10.0 EXP 11y ago ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, which allows remote attackers to obtain administrative access via a TELNET session.
CVE-2015-8358 critical 10.0 EXP bitrix 11y ago Directory traversal vulnerability in the bitrix.mpbuilder module before 1.0.12 for Bitrix allows remote administrators to include and execute arbitrary local files via a .. (dot dot) in the element n…
CVE-2015-7112 critical 10.0 EXP macos macos 11y ago The IOHIDFamily API in Apple iOS before 9.2, OS X before 10.11.2, tvOS before 9.1, and watchOS before 2.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of servi…
CVE-2015-8434 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8431 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8430 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8429 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8428 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8427 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8426 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8425 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8424 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8423 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…
CVE-2015-8422 critical 10.0 EXP macos macos linux-kernel adobe 11y ago Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR S…