CVEs from 2012
Total
5,193
critical
critical 962
high
high 747
medium
medium 2,886
low
low 530
% Critical
18.5%
% with KEV
0.4%
% with exploit
16.8%
Top vendors
Top products
- chrome 7,005
- safari 6,451
- itunes 4,416
- firefox 4,272
- seamonkey 3,619
- opera_browser 3,599
- mysql 2,827
- thunderbird 2,165
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2012-0774 | critical | — | 10.0 | 14y ago | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font. | |||
| CVE-2012-1182 | critical | — | 10.0 | 14y ago | The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory … | |||
| CVE-2012-0163 | critical | — | 10.0 | 14y ago | Microsoft .NET Framework 1.0 SP3, 1.1 SP1, 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly validate function parameters, which allows remote attackers to execute arbitrary code via (1) a crafted XA… | |||
| CVE-2012-1239 | critical | — | 10.0 | 14y ago | The TopAccess web-based management interface on TOSHIBA TEC e-Studio multi-function peripheral (MFP) devices with firmware 30x through 302, 35x through 354, and 4xx through 421 allows remote attacker… | |||
| CVE-2012-0131 | critical | — | 10.0 | 14y ago | Distributed Computing Environment (DCE) 1.8 and 1.9 on HP HP-UX B.11.11 and B.11.23 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | |||
| CVE-2012-0127 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in HP Performance Manager 9.00 allows remote attackers to execute arbitrary code via unknown vectors. | |||
| CVE-2012-0772 | critical | — | 10.0 | 14y ago | An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, whi… | |||
| CVE-2012-1846 | critical | — | 10.0 | 14y ago | Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection mechanism by leveraging access to a sandboxed process, as demonstrated by VUPEN during a Pwn2Own competi… | |||
| CVE-2012-1797 | critical | — | 10.0 | 14y ago | IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors. | |||
| CVE-2012-1775 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in VideoLAN VLC media player before 2.0.1 allows remote attackers to execute arbitrary code via a crafted MMS:// stream. | |||
| CVE-2012-1774 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Open URL feature in Gretech GOM Media Player before 2.1.39.5101 has unknown impact and attack vectors, a different vulnerability than CVE-2007-5779 and CVE-2012-1264. | |||
| CVE-2012-0231 | critical | — | 10.0 | 14y ago | PRLicenseMgr.exe in the Proficy Server License Manager in GE Intelligent Platforms Proficy Plant Applications 5.0 and earlier allows remote attackers to cause a denial of service (memory corruption) … | |||
| CVE-2012-0230 | critical | — | 10.0 | 14y ago | PRRDS.exe in the Proficy Remote Data Service in GE Intelligent Platforms Proficy Plant Applications 5.0 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibl… | |||
| CVE-2012-0229 | critical | — | 10.0 | 14y ago | The Data Archiver service in GE Intelligent Platforms Proficy Historian 4.5 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via… | |||
| CVE-2012-1485 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the NetFront Life Browser (com.access_company.android.nflifebrowser.lite) application 2.2.0 and 2.3.0 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1484 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the WaliSMS CN (cn.com.wali.walisms) application 2.9.2 and 3.7.0 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1483 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Message Forwarder (com.gmail.zbnetium) application 1.12.20110409.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1482 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the TouchPal Contacts (com.cootek.smartdialer) application 3.3.1 and 4.0.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1481 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Textdroid (com.app.android.textdroid) application 2.5.2 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1480 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Pansi SMS (com.pansi.msg) application 1.97, 2.01, and 2.07 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1479 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the AContact (com.movester.quickcontact) application 1.8.2 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1478 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the UCMobile BloveStorm (com.blovestorm) application 2.2.0 and 3.2.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1477 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Cnectd (mci.cnectd) application 3.1.0 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1476 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the KKtalk (com.kkliaotian.android) application 4.0.0 and 4.1.5 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1475 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the YagattaTalk Messenger (com.iskoot.yagatta.yagattatalk) application 1.00.01.08 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1474 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Youni SMS (com.snda.youni) application 2.1.0c and 2.1.0d for Android has unknown impact and attack vectors. | |||
| CVE-2012-1409 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Tiny Password (com.tinycouch.android.freepassword) application 1.64 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1408 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the App Lock (com.cc.applock) application 1.7.5 and 1.7.6 for Android has unknown impact and attack vectors. | |||
| CVE-2012-0124 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service… | |||
| CVE-2012-0123 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service… | |||
| CVE-2012-0122 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service… | |||
| CVE-2012-0121 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service… | |||
| CVE-2012-0016 | critical | — | 10.0 | 14y ago | Untrusted search path vulnerability in Microsoft Expression Design; Expression Design SP1; and Expression Design 2, 3, and 4 allows local users to gain privileges via a Trojan horse DLL in the curren… | |||
| CVE-2012-0002 | critical | — | 10.0 | 14y ago | The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 d… | |||
| CVE-2012-0245 | critical | — | 10.0 | 14y ago | Multiple stack-based buffer overflows in RobNetScanHost.exe in ABB Robot Communications Runtime before 5.14.02, as used in ABB Interlink Module, IRC5 OPC Server, PC SDK, PickMaster 3 and 5, RobView 5… | |||
| CVE-2012-1407 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO Message Widget (com.gau.go.launcherex.gowidget.smswidget) application 1.9, 2.1, and 2.3 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1406 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO Bookmark Widget (com.gau.go.launcherex.gowidget.bookmark) application 1.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1405 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO Note Widget (com.gau.go.launcherex.gowidget.notewidget) application 1.5 and 1.9 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1404 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Dolphin Browser Mini (com.dolphin.browser) application 2.2 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1403 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Dolphin Browser CN (com.dolphin.browser.cn) application 6.3.1 and 7.2.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1402 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the QianXun YingShi (com.qianxun.yingshi) application 1.2.3 and 1.3.4 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1401 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the CamScanner (com.intsig.camscanner) application 1.2.2.20110823 and 1.3.2.20120116 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1400 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the U+Box 2.0 Pad (lg.uplusbox.pad) application 2.0.8.4 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1399 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the U+Box 2.0 (lg.uplusbox) application 2.0.2 and 2.0.8.4 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1398 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO WeiboWidget (com.gau.go.launcherex.gowidget.weibowidget) application 2.4 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1397 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO QQWeiboWidget (com.gau.go.launcherex.gowidget.qqweibowidget) application 1.2 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1396 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO FBWidget (com.gau.go.launcherex.gowidget.fbwidget) application 1.9 and 2.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1395 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO TwiWidget (com.gau.go.launcherex.gowidget.twitterwidget) application 1.7 and 2.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1394 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO Email Widget (com.gau.go.launcherex.gowidget.emailwidget) application 1.3.1, 1.8, and 1.81 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1393 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the GO SMS Pro (com.jb.gosms) application 3.72, 4.10, and 4.35 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1392 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Dolphin Browser HD (mobi.mgeek.TunnyBrowser) application 6.2.0, 7.2.1, 7.3.0, and 7.4.0 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1391 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the mOffice - Outlook sync (com.innov8tion.isharesync) application 3.1 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1390 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Miso (com.bazaarlabs.miso) application 2.2 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1389 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Di Long Weibo (com.icekirin.weibos) application 1.9.9 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1388 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the XiXunTianTian (com.xixun.tiantian) application 0.6.2 beta for Android has unknown impact and attack vectors. | |||
| CVE-2012-1387 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the RealTalk (com.tmsmanager.tms) application A.0.9.250 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1386 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the YouMail Visual Voicemail Plus (com.youmail.android.vvm) application 2.0.45 and 2.1.43 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1385 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the NetEase WeiboHD (com.netease.wbhd) application 1.0.0 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1384 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the NetEase Pmail (com.netease.rpmms) application 0.5.0 and 0.5.2 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1383 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the NetEase Reader (com.netease.pris) application 1.1.2 and 1.2.0 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1382 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the Youdao Dictionary (com.youdao.dict) application 1.6.1, 2.0.1(2), and 3.0.0(1) for Android has unknown impact and attack vectors. | |||
| CVE-2012-1381 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the NetEase CloudAlbum (com.netease.cloudalbum) application 2.0.0 and 2.2.0 for Android has unknown impact and attack vectors. | |||
| CVE-2012-1380 | critical | — | 10.0 | 14y ago | Unspecified vulnerability in the NetEaseWeibo (com.netease.wb) application 1.2.1 and 1.2.2 for Android has unknown impact and attack vectors. | |||
| CVE-2012-0198 | critical | — | 10.0 | 14y ago | Stack-based buffer overflow in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control in IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1 allows remote attackers to … | |||
| CVE-2012-0768 | critical | — | 10.0 | 14y ago | The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 o… | |||
| CVE-2012-0838 | critical | — | 10.0 | 15y ago | Apache Struts Code injection due to conversion error | |||
| CVE-2012-0201 | critical | — | 10.0 | 15y ago | Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long prof… | |||
| CVE-2012-1418 | critical | — | 10.0 | 15y ago | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2012-1288 | critical | — | 10.0 | 15y ago | The UTC Fire & Security GE-MC100-NTP/GPS-ZB Master Clock device uses hardcoded credentials for an administrative account, which makes it easier for remote attackers to obtain access via an HTTP sessi… | |||
| CVE-2012-0243 | critical | — | 10.0 | 15y ago | Buffer overflow in an ActiveX control in bwocxrun.ocx in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code by leveraging the ability to write arbitrary content… | |||
| CVE-2012-0242 | critical | — | 10.0 | 15y ago | Format string vulnerability in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via format string specifiers in a message string. | |||
| CVE-2012-0240 | critical | — | 10.0 | 15y ago | GbScriptAddUp.asp in Advantech/BroadWin WebAccess before 7.0 does not properly perform authentication, which allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2012-0238 | critical | — | 10.0 | 15y ago | Stack-based buffer overflow in opcImg.asp in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2012-0751 | critical | — | 10.0 | 15y ago | The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via uns… | |||
| CVE-2012-0508 | critical | — | 10.0 | 15y ago | Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX, 1.3.0 and earlier, and 1.2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via… | |||
| CVE-2012-0500 | critical | — | 10.0 | 15y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java … | |||
| CVE-2012-0499 | critical | — | 10.0 | 15y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and J… | |||
| CVE-2012-0498 | critical | — | 10.0 | 15y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to a… | |||
| CVE-2012-0497 | critical | — | 10.0 | 15y ago | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, int… | |||
| CVE-2012-0766 | critical | — | 10.0 | 15y ago | The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif… | |||
| CVE-2012-0764 | critical | — | 10.0 | 15y ago | The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif… | |||
| CVE-2012-0763 | critical | — | 10.0 | 15y ago | The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif… | |||
| CVE-2012-0762 | critical | — | 10.0 | 15y ago | The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif… | |||
| CVE-2012-0761 | critical | — | 10.0 | 15y ago | The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif… | |||
| CVE-2012-0760 | critical | — | 10.0 | 15y ago | The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif… | |||
| CVE-2012-0759 | critical | — | 10.0 | 15y ago | Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0… | |||
| CVE-2012-0758 | critical | — | 10.0 | 15y ago | Heap-based buffer overflow in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code via unspecified vectors. | |||
| CVE-2012-0757 | critical | — | 10.0 | 15y ago | The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a dif… | |||
| CVE-2012-1002 | critical | — | 10.0 | 15y ago | SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter. | |||
| CVE-2012-0290 | critical | — | 10.0 | 15y ago | Symantec pcAnywhere through 12.5.3, Altiris IT Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1 (aka 12.6.x), Altiris Client Management Suite pcAnywhere Solution 7.0 (aka 12.5.x) and 7.1… | |||
| CVE-2012-0444 | critical | — | 10.0 | 15y ago | Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 do not properly initialize nsChildView data structures, which allows remote … | |||
| CVE-2012-0443 | critical | — | 10.0 | 15y ago | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 9.0, Thunderbird 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of servic… | |||
| CVE-2012-0918 | critical | — | 10.0 | 15y ago | Unspecified vulnerability in Hitachi COBOL2002 Net Developer, Net Server Suite, and Net Client Suite 01-00, 01-01 through 01-01-/D, 01-02 through 01-02-/F, 01-03 through 01-03-/F, 02-00 through 02-00… | |||
| CVE-2012-0267 | critical | — | 10.0 | 15y ago | The StopModule method in the NTR ActiveX control before 2.0.4.8 allows remote attackers to execute arbitrary code via a crafted lModule parameter that triggers use of an arbitrary memory address as a… | |||
| CVE-2012-0266 | critical | — | 10.0 | 15y ago | Multiple stack-based buffer overflows in the NTR ActiveX control before 2.0.4.8 allow remote attackers to execute arbitrary code via (1) a long bstrUrl parameter to the StartModule method, (2) a long… | |||
| CVE-2012-0697 | critical | — | 10.0 | 15y ago | HP StorageWorks P2000 G3 MSA array systems have a default account, which makes it easier for remote attackers to perform administrative tasks via unspecified vectors, a different vulnerability than C… | |||
| CVE-2012-0695 | critical | — | 10.0 | 15y ago | Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors. | |||
| CVE-2012-0013 | critical | — | 10.0 | 15y ago | Incomplete blacklist vulnerability in the Windows Packager configuration in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and … | |||
| CVE-2012-1516 | critical | 9.9 | 9.9 | 14y ago | The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process cr… | |||
| CVE-2012-3503 | critical | 9.8 | 9.8 | 4y ago | Katello uses hard coded credential |