Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2014-07-01 CVE-2014-1356 Buffer Errors vulnerability in Apple iPhone OS, Mac OS X and tvOS
Heap-based buffer overflow in launchd in Apple iOS before 7.1.2, Apple OS X before 10.9.4, and Apple TV before 6.1.2 allows attackers to execute arbitrary code via a crafted application that sends IPC messages.
network
low complexity
apple CWE-119
critical
10.0
2014-06-28 CVE-2014-4648 Security vulnerability in Piwigo
Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact and attack vectors, related to a "security failure."
network
low complexity
piwigo
critical
10.0
2014-06-28 CVE-2014-2613 Privilege Escalation vulnerability in HP Release Control
Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003 p1 on Windows and 9.2x before RC 9.21.0002 p1 on Linux allows remote authenticated users to gain privileges via unknown vectors.
network
low complexity
hp microsoft linux
critical
9.0
2014-06-21 CVE-2014-3073 Remote Code Execution vulnerability in IBM Security Access Manager
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.
network
low complexity
ibm
critical
10.0
2014-06-20 CVE-2012-5106 Buffer Errors vulnerability in FreeFloat FTP Server 1.0
Stack-based buffer overflow in FreeFloat FTP Server 1.0 allows remote authenticated users to execute arbitrary code via a long string in a PUT command.
network
low complexity
freefloat CWE-119
critical
10.0
2014-06-19 CVE-2012-2052 Buffer Errors vulnerability in Adobe Photoshop CS5 and Photoshop CS5.1
Stack-based buffer overflow in the U3D.8BI library plugin in Adobe Photoshop CS5 12.x before 12.0.5 and CS5.1 12.1.x before 12.1.1 allows remote attackers to execute arbitrary code via a long Collada asset element in a DAE file, as demonstrated by the cameraYFov value in the contributor comments element.
network
adobe CWE-119
critical
9.3
2014-06-19 CVE-2014-2782 Buffer Errors vulnerability in Microsoft Internet Explorer 10/11/9
Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1773, CVE-2014-1783, CVE-2014-1784, CVE-2014-1786, CVE-2014-1795, CVE-2014-1805, CVE-2014-2758, CVE-2014-2759, CVE-2014-2765, CVE-2014-2766, and CVE-2014-2775.
network
microsoft CWE-119
critical
9.3
2014-06-19 CVE-2014-2611 Path Traversal vulnerability in HP Executive Scorecard 9.40/9.41
Directory traversal vulnerability in the fndwar web application in HP Executive Scorecard 9.40 and 9.41 allows remote authenticated users to execute arbitrary code, or obtain sensitive information or delete data, via unspecified vectors, aka ZDI-CAN-2120.
network
low complexity
hp CWE-22
critical
9.0
2014-06-19 CVE-2014-2609 Improper Authentication vulnerability in HP Executive Scorecard 9.40/9.41
The Java Glassfish Admin Console in HP Executive Scorecard 9.40 and 9.41 does not require authentication, which allows remote attackers to execute arbitrary code via a session on TCP port 10001, aka ZDI-CAN-2116.
network
low complexity
hp CWE-287
critical
10.0
2014-06-18 CVE-2014-4152 Code Injection vulnerability in AlienVault Open Source Security Information Management
The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute arbitrary code via a crafted remote_task request, related to injecting an ssh public key.
network
low complexity
alienvault CWE-94
critical
10.0