Vulnerabilities > Microsoft > Windows

DATE CVE VULNERABILITY TITLE RISK
2012-05-16 CVE-2011-3098 Permissions, Privileges, and Access Controls vulnerability in multiple products
Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory.
local
low complexity
opensuse google microsoft CWE-264
7.2
2012-05-04 CVE-2012-0779 Object Type Confusion Remote Code Execution vulnerability in Adobe Flash Player
Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," as exploited in the wild in May 2012.
network
adobe apple linux microsoft google
critical
9.3
2012-05-03 CVE-2012-0519 Remote Core RDBMS vulnerability in Oracle Database Server 11.2.0.2
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
network
high complexity
oracle microsoft
7.1
2012-04-05 CVE-2012-0132 Cross-Site Scripting vulnerability in HP Business Availability Center 9.01
Cross-site scripting (XSS) vulnerability in HP Business Availability Center (BAC) 9.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
hp microsoft CWE-79
4.3
2012-03-28 CVE-2012-0772 Buffer Errors vulnerability in Adobe AIR and Flash Player
An unspecified ActiveX control in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228, and AIR before 3.2.0.2070, on Windows does not properly perform URL security domain checking, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors.
network
low complexity
adobe microsoft CWE-119
critical
10.0
2012-03-12 CVE-2012-0584 Improper Input Validation vulnerability in Apple Safari
The Internationalized Domain Name (IDN) feature in Apple Safari before 5.1.4 on Windows does not properly restrict the characters in URLs, which allows remote attackers to spoof a domain name via unspecified homoglyphs.
network
low complexity
apple microsoft CWE-20
6.4
2012-03-05 CVE-2012-0769 Numeric Errors vulnerability in Adobe Flash Player and Flash Player for Android
Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x does not properly handle integers, which allows attackers to obtain sensitive information via unspecified vectors.
network
low complexity
adobe apple linux microsoft sun google CWE-189
5.0
2012-03-05 CVE-2012-0768 Resource Management Errors vulnerability in Adobe Flash Player and Flash Player for Android
The Matrix3D component in Adobe Flash Player before 10.3.183.16 and 11.x before 11.1.102.63 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.7 on Android 2.x and 3.x; and before 11.1.115.7 on Android 4.x allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe apple linux microsoft sun google CWE-399
critical
10.0
2012-02-21 CVE-2011-4187 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Novell iPrint
Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173.
network
low complexity
novell microsoft CWE-119
critical
10.0
2012-02-21 CVE-2011-4186 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Novell iPrint
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.
network
novell microsoft CWE-119
critical
9.3