Vulnerabilities > Microsoft > Windows > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-08-15 | CVE-2012-1525 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
2012-08-06 | CVE-2012-4145 | Unspecified vulnerability in Opera Browser Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, has unknown impact and attack vectors, related to a "low severity issue." | 10.0 |
2012-06-29 | CVE-2012-2015 | Unspecified vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote authenticated users to gain privileges and obtain sensitive information via unknown vectors. | 9.0 |
2012-06-29 | CVE-2012-2014 | Unspecified vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 7.1.1 does not properly validate input, which allows remote authenticated users to have an unspecified impact via unknown vectors. | 9.0 |
2012-06-29 | CVE-2012-2012 | Unspecified vulnerability in HP System Management Homepage HP System Management Homepage (SMH) before 7.1.1 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. | 10.0 |
2012-06-20 | CVE-2012-2493 | Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523. | 9.3 |
2012-05-21 | CVE-2012-2376 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PHP Buffer overflow in the com_print_typeinfo function in PHP 5.4.3 and earlier on Windows allows remote attackers to execute arbitrary code via crafted arguments that trigger incorrect handling of COM object VARIANT types, as exploited in the wild in May 2012. | 10.0 |
2012-05-16 | CVE-2012-0669 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Buffer overflow in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with Sorenson encoding. | 9.3 |
2012-05-16 | CVE-2012-0667 | Numeric Errors vulnerability in Apple Quicktime Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file. | 9.3 |
2012-05-16 | CVE-2012-0666 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Apple Quicktime Stack-based buffer overflow in the plugin in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTMovie object. | 9.3 |