Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-10 | CVE-2016-0952 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge CC and Photoshop CC Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0951 and CVE-2016-0953. | 9.8 |
| 2016-02-10 | CVE-2016-0951 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Bridge CC and Photoshop CC Adobe Photoshop CC 2014 before 15.2.4, Photoshop CC 2015 before 16.1.2, and Bridge CC before 6.2 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0952 and CVE-2016-0953. | 9.8 |
| 2016-02-10 | CVE-2016-0949 | Unspecified vulnerability in Adobe Connect Adobe Connect before 9.5.2 allows remote attackers to have an unspecified impact via a crafted parameter in a URL. | 9.8 |
| 2016-02-08 | CVE-2015-8361 | Improper Access Control vulnerability in Atlassian Bamboo Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not require authentication, which allows remote attackers to obtain sensitive information, modify settings, or manage build agents via unknown vectors involving the JMS port. | 9.1 |
| 2016-02-08 | CVE-2015-8360 | Improper Input Validation vulnerability in Atlassian Bamboo An unspecified resource in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 allows remote attackers to execute arbitrary Java code via serialized data to the JMS port. | 9.8 |
| 2016-02-08 | CVE-2015-3252 | Credentials Management vulnerability in Apache Cloudstack Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server. | 9.8 |
| 2016-02-08 | CVE-2014-9757 | Improper Input Validation vulnerability in Atlassian Bamboo The Ignite Realtime Smack XMPP API, as used in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0, allows remote configured XMPP servers to execute arbitrary Java code via serialized data in an XMPP message. | 9.8 |
| 2016-02-08 | CVE-2016-2230 | Credentials Management vulnerability in Openelec OpenELEC and RasPlex devices have a hardcoded password for the root account, which makes it easier for remote attackers to obtain access via an SSH session. | 9.8 |
| 2016-02-08 | CVE-2015-8787 | NULL Pointer Dereference vulnerability in Linux Kernel The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by sending certain IPv4 packets to an incompletely configured interface, a related issue to CVE-2003-1604. | 9.8 |
| 2016-02-07 | CVE-2016-0804 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25070434. | 9.8 |