Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-06-11 | CVE-2014-3911 | Code Injection vulnerability in Samsung Ipolis Device Manager 1.8.2 Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via unspecified values to the (1) Start, (2) ChangeControlLocalName, (3) DeleteDeviceProfile, (4) FrameAdvanceReader, or other unknown method in the XNSSDKDEVICE.XnsSdkDeviceCtrlForIpInstaller.1 ActiveX control. | 9.3 |
| 2014-06-11 | CVE-2014-2978 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write. | 10.0 |
| 2014-06-11 | CVE-2014-2977 | Numeric Errors vulnerability in multiple products Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.13 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow. | 10.0 |
| 2014-06-11 | CVE-2011-3625 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the sub_read_line_sami function in subreader.c in MPlayer, as used in SMPlayer 0.6.9, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a SAMI subtitle file. | 9.3 |
| 2014-06-11 | CVE-2014-1545 | Out of Bounds Memory Corruption vulnerability in Mozilla Netscape Portable Runtime Mozilla Netscape Portable Runtime (NSPR) before 4.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via vectors involving the sprintf and console functions. | 10.0 |
| 2014-06-11 | CVE-2014-1541 | Memory Corruption vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. | 10.0 |
| 2014-06-11 | CVE-2014-1540 | Memory Corruption vulnerability in Mozilla Firefox Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. | 9.3 |
| 2014-06-11 | CVE-2014-1538 | Memory Corruption vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | 10.0 |
| 2014-06-11 | CVE-2014-1537 | Memory Corruption vulnerability in Mozilla Firefox/Thunderbird Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | 10.0 |
| 2014-06-11 | CVE-2014-1536 | Memory Corruption vulnerability in Mozilla Firefox/Thunderbird The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | 10.0 |