Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2014-09-10 CVE-2014-0552 Buffer Errors vulnerability in Adobe Air, Adobe AIR SDK and Flash Player
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, and CVE-2014-0555.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10
2014-09-10 CVE-2014-0551 Buffer Errors vulnerability in Adobe Air, Adobe AIR SDK and Flash Player
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0550, CVE-2014-0552, and CVE-2014-0555.
network
low complexity
adobe apple microsoft google linux CWE-119
critical
 10.0
10
2014-09-10 CVE-2014-0550 Buffer Errors vulnerability in Adobe Air, Adobe AIR SDK and Flash Player
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0549, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
network
low complexity
adobe apple microsoft google linux CWE-119
critical
 10.0
10
2014-09-10 CVE-2014-0549 Buffer Errors vulnerability in Adobe Air, Adobe AIR SDK and Flash Player
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0547, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
network
low complexity
adobe apple microsoft google linux CWE-119
critical
 10.0
10
2014-09-10 CVE-2014-0547 Buffer Errors vulnerability in Adobe Air, Adobe AIR SDK and Flash Player
Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR SDK & Compiler before 15.0.0.249 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, and CVE-2014-0555.
network
low complexity
adobe apple microsoft linux google CWE-119
critical
 10.0
10
2014-09-05 CVE-2014-0610 Untrusted Pointer Dereference Remote Code Execution vulnerability in GroupWise
The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
network
low complexity
novell microsoft
critical
 10.0
10
2014-09-03 CVE-2014-1567 Use After Free Memory Corruption vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
Use-after-free vulnerability in DirectionalityUtils.cpp in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to execute arbitrary code via text that is improperly handled during the interaction between directionality resolution and layout.
network
mozilla
critical
 9.3
9.3
2014-09-03 CVE-2014-1563 USE After Free vulnerability in multiple products
Use-after-free vulnerability in the mozilla::DOMSVGLength::GetTearOff function in Mozilla Firefox before 32.0, Firefox ESR 31.x before 31.1, and Thunderbird 31.x before 31.1 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an SVG animation with DOM interaction that triggers incorrect cycle collection.
network
low complexity
opensuse oracle mozilla CWE-416
critical
 10.0
10
2014-09-03 CVE-2014-1562 Buffer Errors vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird
Unspecified vulnerability in the browser engine in Mozilla Firefox before 32.0, Firefox ESR 24.x before 24.8 and 31.x before 31.1, and Thunderbird 24.x before 24.8 and 31.x before 31.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
network
low complexity
mozilla CWE-119
critical
 10.0
10
2014-09-03 CVE-2014-1554 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mozilla Firefox
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 32.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
network
low complexity
mozilla CWE-119
critical
 10.0
10