Vulnerabilities > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-09-04 | CVE-2012-2288 | USE of Externally-Controlled Format String vulnerability in EMC Networker 7.6.3/7.6.4/8.0 Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message. | 9.3 |
2012-09-04 | CVE-2012-0275 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Photoshop Cs5.5 and Photoshop CS6 Heap-based buffer overflow in Photoshop.exe in Adobe Photoshop CS5 12.x before 12.0.5, CS5.1 12.1.x before 12.1.1, and CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted TIFF image with SGI24LogLum compression. | 10.0 |
2012-08-31 | CVE-2010-5194 | Buffer Errors vulnerability in Viscomsoft Image Viewer CP Gold SDK and Image Viewer CP PRO SDK Stack-based buffer overflow in the Image2PDF function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0, Gold 5.5, Gold 6.0, and earlier allows remote attackers to execute arbitrary code via a long strPDFFile parameter. | 9.3 |
2012-08-31 | CVE-2010-5193 | Buffer Errors vulnerability in Viscomsoft Image Viewer CP Gold SDK and Image Viewer CP PRO SDK Stack-based buffer overflow in the TIFMergeMultiFiles function in the SCRIBBLE.ScribbleCtrl.1 ActiveX control (ImageViewer2.ocx) in Viscom Image Viewer CP Pro 8.0 and Gold 6.0 allows remote attackers to execute arbitrary code via a long strDelimit parameter. | 9.3 |
2012-08-31 | CVE-2012-4170 | Buffer Errors vulnerability in Adobe Photoshop CS6 13.0 Buffer overflow in Adobe Photoshop CS6 13.x before 13.0.1 allows remote attackers to execute arbitrary code via a crafted file. | 9.3 |
2012-08-31 | CVE-2012-2186 | Unspecified vulnerability in Asterisk products Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action. | 9.0 |
2012-08-30 | CVE-2012-3136 | Remote Code Execution vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-1682. | 10.0 |
2012-08-30 | CVE-2012-1682 | Remote Code Execution vulnerability in Oracle JDK and JRE Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans, a different vulnerability than CVE-2012-3136. | 10.0 |
2012-08-30 | CVE-2011-5133 | Multiple Security vulnerability in MyBB Unspecified vulnerability in MyBB before 1.6.5 has unknown impact and attack vectors, related to an "unparsed user avatar in the buddy list." | 10.0 |
2012-08-30 | CVE-2012-3254 | Unspecified vulnerability in HP Inode Management Center PC 5.0/5.1 Multiple unspecified vulnerabilities in HP iNode Management Center before iNode PC 5.1 E0304 allow remote attackers to execute arbitrary code via crafted input, as demonstrated by a stack-based buffer overflow in iNodeMngChecker.exe for a crafted 0x0A0BF007 packet. | 10.0 |