Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2016-01-14 CVE-2016-0942 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2016-01-14 CVE-2016-0940 Unspecified vulnerability in Adobe products
Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0941.
network
low complexity
adobe apple microsoft
critical
10.0
2016-01-14 CVE-2016-0938 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
network
adobe apple microsoft CWE-119
critical
9.3
2016-01-14 CVE-2016-0937 Unspecified vulnerability in Adobe products
Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941.
network
adobe apple microsoft
critical
9.3
2016-01-14 CVE-2016-0936 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
network
adobe apple microsoft CWE-119
critical
9.3
2016-01-14 CVE-2016-0933 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe products
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0936, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946.
network
low complexity
adobe apple microsoft CWE-119
critical
10.0
2016-01-13 CVE-2016-0035 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
network
microsoft CWE-119
critical
9.3
2016-01-13 CVE-2016-0024 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Scripting Engine Memory Corruption Vulnerability."
network
microsoft CWE-119
critical
9.3
2016-01-13 CVE-2016-0019 7PK - Security Features vulnerability in Microsoft Windows 10 1511
The Remote Desktop Protocol (RDP) service implementation in Microsoft Windows 10 Gold and 1511 allows remote attackers to bypass intended access restrictions and establish sessions for blank-password accounts via a modified RDP client, aka "Windows Remote Desktop Protocol Security Bypass Vulnerability."
network
microsoft CWE-254
critical
9.3
2016-01-13 CVE-2016-0015 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap Corruption Remote Code Execution Vulnerability."
network
microsoft CWE-119
critical
9.3