Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-18 | CVE-2016-1995 | Unspecified vulnerability in HP System Management Homepage HPE System Management Homepage before 7.5.4 allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2016-03-17 | CVE-2016-3191 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre and Pcre2 The compile_branch function in pcre_compile.c in PCRE 8.x before 8.39 and pcre2_compile.c in PCRE2 before 10.22 mishandles patterns containing an (*ACCEPT) substring in conjunction with nested parentheses, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror, aka ZDI-CAN-3542. | 9.8 |
| 2016-03-17 | CVE-2016-2345 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dameware Mini Remote Control 12.0 Stack-based buffer overflow in dwrcs.exe in the dwmrcs daemon in SolarWinds DameWare Mini Remote Control 12.0 allows remote attackers to execute arbitrary code via a crafted string. | 9.8 |
| 2016-03-15 | CVE-2016-1989 | Unspecified vulnerability in HP Network Automation HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1988. | 9.8 |
| 2016-03-15 | CVE-2016-1988 | Unspecified vulnerability in HP Network Automation HPE Network Automation 9.22 through 9.22.02 and 10.x before 10.00.02 allows remote attackers to execute arbitrary code or obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-1989. | 9.8 |
| 2016-03-13 | CVE-2016-1962 | Use-after-free vulnerability in the mozilla::DataChannelConnection::Close function in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to execute arbitrary code by leveraging mishandling of WebRTC data-channel connections. | 9.8 |
| 2016-03-12 | CVE-2016-1621 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libvpx in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.0 before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to libwebm/mkvparser.cpp and other files, aka internal bug 23452792. | 9.8 |
| 2016-03-12 | CVE-2016-0816 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 6.0/6.0.1 mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka internal bug 25928803. | 9.8 |
| 2016-03-12 | CVE-2016-0815 | Improper Input Validation vulnerability in Google Android The MPEG4Source::fragmentedRead function in MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 26365349. | 9.8 |
| 2016-03-12 | CVE-2015-7411 | Permissions, Privileges, and Access Controls vulnerability in IBM Tivoli Monitoring The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors. | 9.9 |