Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-16 | CVE-2016-4261 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Digital Editions Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, and CVE-2016-4262. | 9.8 |
| 2016-09-16 | CVE-2016-4260 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Digital Editions Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261, and CVE-2016-4262. | 9.8 |
| 2016-09-16 | CVE-2016-4259 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Digital Editions Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262. | 9.8 |
| 2016-09-16 | CVE-2016-4258 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Digital Editions Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262. | 9.8 |
| 2016-09-16 | CVE-2016-4257 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Digital Editions Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262. | 9.8 |
| 2016-09-16 | CVE-2016-4256 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Digital Editions Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262. | 9.8 |
| 2016-09-16 | CVE-2016-2182 | Out-of-bounds Write vulnerability in multiple products The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors. | 9.8 |
| 2016-09-12 | CVE-2016-6394 | Permissions, Privileges, and Access Controls vulnerability in Cisco Firesight System Software Session fixation vulnerability in Cisco Firepower Management Center and Cisco FireSIGHT System Software through 6.1.0 allows remote attackers to hijack web sessions via a session identifier, aka Bug ID CSCuz80503. | 9.1 |
| 2016-09-12 | CVE-2016-7134 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP ext/curl/interface.c in PHP 7.x before 7.0.10 does not work around a libcurl integer overflow, which allows remote attackers to cause a denial of service (allocation error and heap-based buffer overflow) or possibly have unspecified other impact via a long string that is mishandled in a curl_escape call. | 9.8 |
| 2016-09-12 | CVE-2016-7129 | Improper Input Validation vulnerability in PHP The php_wddx_process_data function in ext/wddx/wddx.c in PHP before 5.6.25 and 7.x before 7.0.10 allows remote attackers to cause a denial of service (segmentation fault) or possibly have unspecified other impact via an invalid ISO 8601 time value, as demonstrated by a wddx_deserialize call that mishandles a dateTime element in a wddxPacket XML document. | 9.8 |