Vulnerabilities > Microsoft > Windows > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-04-05 | CVE-2013-0680 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cogentdatahub products Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP header. | 7.5 |
| 2013-04-03 | CVE-2013-0799 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla products Buffer overflow in the Mozilla Maintenance Service in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, and Thunderbird ESR 17.x before 17.0.5 on Windows allows local users to gain privileges via crafted arguments. | 7.2 |
| 2013-02-23 | CVE-2013-2268 | Security vulnerability in WebKit MathML Library Unspecified vulnerability in the MathML implementation in WebKit in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, has unknown impact and remote attack vectors, related to a "high severity security issue." | 7.5 |
| 2013-02-11 | CVE-2013-1406 | Improper Input Validation vulnerability in VMWare products The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors. | 7.2 |
| 2012-11-14 | CVE-2012-5459 | Unspecified vulnerability in VMWare Player and Workstation Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder." Per: http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path" | 7.9 |
| 2012-11-14 | CVE-2012-5458 | Permissions, Privileges, and Access Controls vulnerability in VMWare Player and Workstation VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application. | 8.3 |
| 2012-08-06 | CVE-2012-1910 | Unspecified vulnerability in Bitcoin Bitcoin-Qt and Bitcoin Core Bitcoin-Qt 0.5.0.x before 0.5.0.5; 0.5.1.x, 0.5.2.x, and 0.5.3.x before 0.5.3.1; and 0.6.x before 0.6.0rc4 on Windows does not use MinGW multithread-safe exception handling, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted Bitcoin protocol messages. | 7.5 |
| 2012-06-29 | CVE-2012-2013 | Unspecified vulnerability in HP System Management Homepage Unspecified vulnerability in HP System Management Homepage (SMH) before 7.1.1 allows remote attackers to cause a denial of service, or possibly obtain sensitive information or modify data, via unknown vectors. | 7.5 |
| 2012-06-27 | CVE-2012-2764 | Unspecified vulnerability in Google Chrome Untrusted search path vulnerability in Google Chrome before 20.0.1132.43 on Windows might allow local users to gain privileges via a Trojan horse Metro DLL in the current working directory. | 7.2 |
| 2012-06-05 | CVE-2012-1942 | Permissions, Privileges, and Access Controls vulnerability in Mozilla Firefox, Seamonkey and Thunderbird The Mozilla Updater and Windows Updater Service in Mozilla Firefox 12.0, Thunderbird 12.0, and SeaMonkey 2.9 on Windows allow local users to gain privileges by loading a DLL file in a privileged context. | 7.2 |