Search
31,034 CVEs · Critical severity
CVEs (31,034, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 226–250 of 31,034 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2014-6287 | CRITICAL | Patched | 9.8 | 2014-10-07 | The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attackers to execute arbitrary programs… |
| CVE-2015-0311 | CRITICAL | Patched | 9.8 | 2015-01-23 | Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows … |
| CVE-2015-0313 | CRITICAL | Patched | 9.8 | 2015-02-02 | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows rem… |
| CVE-2015-1427 | CRITICAL | Patched | 9.8 | 2015-02-17 | The Groovy scripting engine in Elasticsearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary sh… |
| CVE-2015-1635 | CRITICAL | 9.8 | 2015-04-14 | HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary co… | |
| CVE-2015-3043 | CRITICAL | Patched | 9.8 | 2015-04-14 | Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code… |
| CVE-2014-8361 | CRITICAL | Patched | 9.8 | 2015-05-01 | The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023. |
| CVE-2015-4068 | CRITICAL | Patched | 9.1 | 2015-05-29 | Directory traversal vulnerability in Arcserve UDP before 5.0 Update 4 allows remote attackers to obtain sensitive information or cause a denial of service via a crafted fil… |
| CVE-2015-3113 | CRITICAL | Patched | 9.8 | 2015-06-23 | Heap-based buffer overflow in Adobe Flash Player before 13.0.0.296 and 14.x through 18.x before 18.0.0.194 on Windows and OS X and before 11.2.202.468 on Linux allows remot… |
| CVE-2015-0192 | CRITICAL | Patched | 9.8 | 2015-07-02 | Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attac… |
| CVE-2015-5119 | CRITICAL | Patched | 9.8 | 2015-07-08 | Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on … |
| CVE-2015-5122 | CRITICAL | Patched | 9.8 | 2015-07-14 | Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x t… |
| CVE-2015-5123 | CRITICAL | Patched | 9.8 | 2015-07-14 | Use-after-free vulnerability in the BitmapData class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.302 on Windows and OS X, 14.x thro… |
| CVE-2015-2590 | CRITICAL | 9.8 | 2015-07-16 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and avail… | |
| CVE-2015-1276 | CRITICAL | Patched | 9.8 | 2015-07-23 | Use-after-free vulnerability in content/browser/indexed_db/indexed_db_backing_store.cc in the IndexedDB implementation in Google Chrome before 44.0.2403.89 allows remote at… |
| CVE-2015-3253 | CRITICAL | 9.8 | 2015-08-13 | The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service vi… | |
| CVE-2015-0537 | CRITICAL | Patched | 9.8 | 2015-08-20 | Integer underflow in the base64-decoding implementation in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-C Micro Editi… |
| CVE-2015-0987 | CRITICAL | Patched | 10.0 | 2015-10-06 | Omron CX-One CX-Programmer before 9.6, CJ2M PLC devices before 2.1, and CJ2H PLC devices before 1.5 rely on cleartext password transmission, which allows remote attackers t… |
| CVE-2015-6490 | CRITICAL | Patched | 9.8 | 2015-10-28 | Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices through B FRN 15.003 allows remote attackers to execute arbitrary … |
| CVE-2015-7182 | CRITICAL | Patched | 9.8 | 2015-11-05 | Heap-based buffer overflow in the ASN.1 decoder in Mozilla Network Security Services (NSS) before 3.19.2.1 and 3.20.x before 3.20.1, as used in Firefox before 42.0 and Fire… |
| CVE-2015-8104 | CRITICAL | Patched | 10.0 | 2015-11-16 | The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering m… |
| CVE-2015-4852 | CRITICAL | Patched | 9.8 | 2015-11-18 | The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serializ… |
| CVE-2015-8103 | CRITICAL | Patched | 9.8 | 2015-11-25 | The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to … |
| CVE-2015-8383 | CRITICAL | Patched | 9.8 | 2015-12-02 | PCRE before 8.38 mishandles certain repeated conditional groups, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified o… |
| CVE-2015-8386 | CRITICAL | Patched | 9.8 | 2015-12-02 | PCRE before 8.38 mishandles the interaction of lookbehind assertions and mutually recursive subpatterns, which allows remote attackers to cause a denial of service (buffer … |