Search
31,027 CVEs · Critical severity
CVEs (31,027, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 426–450 of 31,027 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2016-3153 | CRITICAL | Patched | 9.8 | 2016-04-08 | SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to execute arbitrary PHP code by adding content, related to the filtrer_entites … |
| CVE-2016-3154 | CRITICAL | Patched | 9.8 | 2016-04-08 | The encoder_contexte_ajax function in ecrire/inc/filtres.php in SPIP 2.x before 2.1.19, 3.0.x before 3.0.22, and 3.1.x before 3.1.1 allows remote attackers to conduct PHP o… |
| CVE-2016-2385 | CRITICAL | Patched | 9.8 | 2016-04-11 | Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to caus… |
| CVE-2016-3065 | CRITICAL | Patched | 9.1 | 2016-04-11 | The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access … |
| CVE-2015-8710 | CRITICAL | Patched | 9.8 | 2016-04-11 | The htmlParseComment function in HTMLparser.c in libxml2 allows attackers to obtain sensitive information, cause a denial of service (out-of-bounds heap memory access and a… |
| CVE-2015-8833 | CRITICAL | Patched | 9.8 | 2016-04-12 | Use-after-free vulnerability in the create_smp_dialog function in gtk-dialog.c in the Off-the-Record Messaging (OTR) pidgin-otr plugin before 4.0.2 for Pidgin allows remote… |
| CVE-2015-8841 | CRITICAL | 9.8 | 2016-04-12 | Heap-based buffer overflow in the Archive support module in ESET NOD32 before update 11861 allows remote attackers to execute arbitrary code via a large number of languages… | |
| CVE-2016-3987 | CRITICAL | 9.8 | 2016-04-12 | The HTTP server in Trend Micro Password Manager allows remote web servers to execute arbitrary commands via the url parameter to (1) api/openUrlInDefaultBrowser or (2) api/showSB. | |
| CVE-2016-0733 | CRITICAL | Patched | 9.8 | 2016-04-12 | The Admin UI in Apache Ranger before 0.5.1 does not properly handle authentication requests that lack a password, which allows remote attackers to bypass authentication by … |
| CVE-2016-2170 | CRITICAL | Patched | 9.8 | 2016-04-12 | Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the A… |
| CVE-2016-3655 | CRITICAL | Patched | 9.8 | 2016-04-12 | The management web interface in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attackers to execute… |
| CVE-2016-3657 | CRITICAL | Patched | 9.8 | 2016-04-12 | Buffer overflow in the GlobalProtect Portal in Palo Alto Networks PAN-OS before 5.0.18, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5 allows remote attac… |
| CVE-2016-0088 | CRITICAL | 9.3 | 2016-04-12 | Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, … | |
| CVE-2016-1034 | CRITICAL | Patched | 9.1 | 2016-04-12 | The Sync Process in the JavaScript API for Creative Cloud Libraries in Adobe Creative Cloud Desktop Application before 3.6.0.244 allows remote attackers to read or write to… |
| CVE-2014-9766 | CRITICAL | Patched | 9.8 | 2016-04-13 | Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service (application crash) or poss… |
| CVE-2016-4007 | CRITICAL | Patched | 9.8 | 2016-04-13 | Multiple unspecified vulnerabilities in the obs-service-extract_file package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to exe… |
| CVE-2015-7545 | CRITICAL | Patched | 9.8 | 2016-04-13 | The (1) git-remote-ext and (2) unspecified other remote helper programs in Git before 2.3.10, 2.4.x before 2.4.10, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 do not properl… |
| CVE-2016-2054 | CRITICAL | Patched | 9.8 | 2016-04-13 | Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of … |
| CVE-2016-4009 | CRITICAL | Patched | 9.8 | 2016-04-13 | Integer overflow in the ImagingResampleHorizontal function in libImaging/Resample.c in Pillow before 3.1.1 allows remote attackers to have unspecified impact via negative v… |
| CVE-2016-1352 | CRITICAL | 9.8 | 2016-04-14 | Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers to execute arbitrary OS commands via a crafted HTTP request, aka Bug ID CS… | |
| CVE-2010-5325 | CRITICAL | Patched | 9.8 | 2016-04-15 | Heap-based buffer overflow in the unhtmlify function in foomatic-rip in foomatic-filters before 4.0.6 allows remote attackers to cause a denial of service (memory corruptio… |
| CVE-2016-0889 | CRITICAL | Patched | 9.8 | 2016-04-15 | An HTTP servlet in vApp Manager in EMC Unisphere for VMAX Virtual Appliance before 8.2.0 allows remote attackers to write to arbitrary files via a crafted pathname. |
| CVE-2016-0835 | CRITICAL | Patched | 9.8 | 2016-04-18 | decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption)… |
| CVE-2016-0837 | CRITICAL | Patched | 9.8 | 2016-04-18 | MPEG4Extractor.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows remote attackers t… |
| CVE-2016-0838 | CRITICAL | Patched | 9.8 | 2016-04-18 | Sonivox in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not check for a negative number of samples, which… |