Search
31,034 CVEs · Critical severity
CVEs (31,034, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 301–325 of 31,034 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2016-0944 | CRITICAL | Patched | 9.8 | 2016-01-14 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Wind… |
| CVE-2016-0945 | CRITICAL | Patched | 9.8 | 2016-01-14 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Wind… |
| CVE-2016-0946 | CRITICAL | Patched | 9.8 | 2016-01-14 | Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Wind… |
| CVE-2015-6314 | CRITICAL | Patched | 9.8 | 2016-01-15 | Cisco Wireless LAN Controller (WLC) devices with software 7.6.x, 8.0 before 8.0.121.0, and 8.1 before 8.1.131.0 allow remote attackers to change configuration settings via … |
| CVE-2015-6323 | CRITICAL | 9.8 | 2016-01-15 | The Admin portal in Cisco Identity Services Engine (ISE) 1.1.x, 1.2.0 before patch 17, 1.2.1 before patch 8, 1.3 before patch 5, and 1.4 before patch 4 allows remote attack… | |
| CVE-2016-0854 | CRITICAL | Patched | 9.8 | 2016-01-15 | Unrestricted file upload vulnerability in the uploadImageCommon function in the UploadAjaxAction script in the WebAccess Dashboard Viewer in Advantech WebAccess before 8.1 … |
| CVE-2016-0856 | CRITICAL | Patched | 9.8 | 2016-01-15 | Multiple stack-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2016-0857 | CRITICAL | Patched | 9.8 | 2016-01-15 | Multiple heap-based buffer overflows in Advantech WebAccess before 8.1 allow remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2016-0859 | CRITICAL | Patched | 9.8 | 2016-01-15 | Integer overflow in the Kernel service in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer … |
| CVE-2016-1909 | CRITICAL | Patched | 9.8 | 2016-01-15 | Fortinet FortiAnalyzer before 5.0.12 and 5.2.x before 5.2.5; FortiSwitch 3.3.x before 3.3.3; FortiCache 3.0.x before 3.0.8; and FortiOS 4.1.x before 4.1.11, 4.2.x before 4.… |
| CVE-2016-1142 | CRITICAL | Patched | 9.1 | 2016-01-16 | Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to execute arbitrary OS commands via unspecified vectors. |
| CVE-2015-8617 | CRITICAL | Patched | 9.8 | 2016-01-19 | Format string vulnerability in the zend_throw_or_error function in Zend/zend_execute_API.c in PHP 7.x before 7.0.1 allows remote attackers to execute arbitrary code via for… |
| CVE-2016-1903 | CRITICAL | Patched | 9.1 | 2016-01-19 | The gdImageRotateInterpolated function in ext/gd/libgd/gd_interpolation.c in PHP before 5.5.31, 5.6.x before 5.6.17, and 7.x before 7.0.2 allows remote attackers to obtain … |
| CVE-2016-1901 | CRITICAL | Patched | 9.8 | 2016-01-20 | Integer overflow in the authenticate_post function in CGit before 0.12 allows remote attackers to have unspecified impact via a large value in the Content-Length HTTP heade… |
| CVE-2016-1928 | CRITICAL | 9.8 | 2016-01-20 | Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, relate… | |
| CVE-2016-1929 | CRITICAL | 9.3 | 2016-01-20 | The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service (disk consumption and process crash) via a … | |
| CVE-2015-6412 | CRITICAL | Patched | 9.8 | 2016-01-22 | Cisco Modular Encoding Platform D9036 Software before 02.04.70 has hardcoded (1) root and (2) guest passwords, which makes it easier for remote attackers to obtain access v… |
| CVE-2015-6435 | CRITICAL | Patched | 9.8 | 2016-01-22 | An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified Computing System (UCS) Manager before 2.2(4b), 2.2(5) before 2.2(5a), and … |
| CVE-2015-8362 | CRITICAL | Patched | 9.8 | 2016-01-22 | The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2015-10-12 has a hardcoded password for the BlackWidow account, which makes it easier for remote… |
| CVE-2016-1984 | CRITICAL | Patched | 9.8 | 2016-01-22 | The setUpSubtleUserAccount function in /bin/bw on Harman AMX devices before 2016-01-20 has a hardcoded password for the 1MB@tMaN account, which makes it easier for remote a… |
| CVE-2016-2051 | CRITICAL | Patched | 9.8 | 2016-01-25 | Multiple unspecified vulnerabilities in Google V8 before 4.8.271.17, as used in Google Chrome before 48.0.2564.82, allow attackers to cause a denial of service or possibly … |
| CVE-2016-1896 | CRITICAL | Patched | 9.8 | 2016-01-27 | Race condition in the initialization process on Lexmark printers with firmware ATL before ATL.02.049, CB before CB.02.049, PP before PP.02.049, and YK before YK.02.049 allo… |
| CVE-2015-6319 | CRITICAL | 9.8 | 2016-01-27 | SQL injection vulnerability in the web-based management interface on Cisco RV220W devices allows remote attackers to execute arbitrary SQL commands via a crafted header in … | |
| CVE-2016-0868 | CRITICAL | Patched | 9.8 | 2016-01-28 | Stack-based buffer overflow on Rockwell Automation Allen-Bradley MicroLogix 1100 devices A through 15.000 and B before 15.002 allows remote attackers to execute arbitrary c… |
| CVE-2015-8789 | CRITICAL | Patched | 9.6 | 2016-01-29 | Use-after-free vulnerability in the EbmlMaster::Read function in libEBML before 1.3.3 allows context-dependent attackers to have unspecified impact via a "deeply nested ele… |