Vulnerabilities > Microsoft > Windows > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-05-16 | CVE-2011-3098 | Permissions, Privileges, and Access Controls vulnerability in multiple products Google Chrome before 19.0.1084.46 on Windows uses an incorrect search path for the Windows Media Player plug-in, which might allow local users to gain privileges via a Trojan horse plug-in in an unspecified directory. | 7.2 |
| 2012-05-03 | CVE-2012-0519 | Remote Core RDBMS vulnerability in Oracle Database Server 11.2.0.2 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 7.1 |
| 2011-12-16 | CVE-2011-4734 | SQL Injection vulnerability in Parallels Plesk Panel 10.2.0Build20110407.20 Multiple SQL injection vulnerabilities in the Control Panel in Parallels Plesk Panel 10.2.0 build 20110407.20 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by file-manager/ and certain other files. | 7.5 |
| 2011-12-16 | CVE-2011-4725 | SQL Injection vulnerability in Parallels Plesk Panel 10.2.0Build1011110331.18 Multiple SQL injection vulnerabilities in the Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 allow remote attackers to execute arbitrary SQL commands via crafted input to a PHP script, as demonstrated by login_up.php3 and certain other files. | 7.5 |
| 2011-10-19 | CVE-2011-3516 | Remote Java Runtime Environment vulnerability in SUN JDK and JRE Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 6 Update 27 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | 7.6 |
| 2011-07-17 | CVE-2011-1223 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Tivoli Storage Manager Buffer overflow in the Alternate Data Stream (aka ADS or named stream) functionality in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows allows local users to gain privileges via unspecified vectors. | 7.2 |
| 2011-07-17 | CVE-2011-1222 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Tivoli Storage Manager Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. | 7.2 |
| 2011-06-14 | CVE-2011-0788 | Remote Java Runtime Environment vulnerability in SUN JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. | 7.6 |
| 2011-06-14 | CVE-2011-0786 | Remote Java Runtime Environment vulnerability in SUN JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. | 7.6 |
| 2011-06-02 | CVE-2011-2041 | Permissions, Privileges, and Access Controls vulnerability in Cisco Anyconnect Secure Mobility Client The Start Before Logon (SBL) functionality in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.254 on Windows, and on Windows Mobile, allows local users to gain privileges via unspecified user-interface interaction, aka Bug ID CSCta40556. | 7.2 |