Vulnerabilities > Microsoft > Windows > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2017-7845 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A buffer overflow occurs when drawing and validating elements using Direct 3D 9 with the ANGLE graphics library, used for WebGL content. | 9.3 |
| 2018-05-19 | CVE-2018-4924 | OS Command Injection vulnerability in Adobe Dreamweaver Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. | 10.0 |
| 2018-05-19 | CVE-2018-4928 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Indesign Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. | 9.3 |
| 2018-04-03 | CVE-2017-7172 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.3 |
| 2018-04-03 | CVE-2018-4144 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products An issue was discovered in certain Apple products. | 9.3 |
| 2018-03-29 | CVE-2018-5224 | Improper Input Validation vulnerability in Atlassian Bamboo Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. | 9.0 |
| 2018-02-05 | CVE-2018-6461 | Untrusted Search Path vulnerability in March-Hare Wincvs March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory. | 9.3 |
| 2017-12-09 | CVE-2017-11294 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Shockwave 8.5.1.102 An issue was discovered in Adobe Shockwave 12.2.9.199 and earlier. | 10.0 |
| 2017-12-06 | CVE-2017-17069 | Untrusted Search Path vulnerability in Amazon Audible 2.34.0/2.44.1 ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. | 9.3 |
| 2017-11-20 | CVE-2016-6804 | Permissions, Privileges, and Access Controls vulnerability in Apache Openoffice The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. | 9.3 |