Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2012-09-15 CVE-2011-5164 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Vandyke Absoluteftp
Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP servers to execute arbitrary code via a crafted file name in a LIST command response.
network
vandyke CWE-119
critical
9.3
2012-09-15 CVE-2011-5162 Buffer Errors vulnerability in Gomlab GOM Player 2.1.33.5071
Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag.
network
gomlab CWE-119
critical
9.3
2012-09-13 CVE-2012-4907 Permissions, Privileges, and Access Controls vulnerability in Google Chrome
Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page.
network
google CWE-264
critical
9.3
2012-09-13 CVE-2012-3701 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
network
apple CWE-119
critical
9.3
2012-09-13 CVE-2012-3687 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
network
apple CWE-119
critical
9.3
2012-09-13 CVE-2012-3632 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
network
apple CWE-119
critical
9.3
2012-09-13 CVE-2012-3621 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
network
apple CWE-119
critical
9.3
2012-09-13 CVE-2012-3607 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
network
apple CWE-119
critical
9.3
2012-09-13 CVE-2012-3606 Buffer Errors vulnerability in Apple Iphone OS and Itunes
WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-09-12-1.
network
apple CWE-119
critical
9.3
2012-09-08 CVE-2012-4011 OS Command Injection vulnerability in Cybozu Kunai 2.0.5
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.
network
cybozu CWE-78
critical
9.3