Search
31,027 CVEs · Critical severity
CVEs (31,027, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 151–175 of 31,027 (capped at 500)
| CVE ID | Severity | Patch | CVSS | Published ↑ | Description |
|---|---|---|---|---|---|
| CVE-2010-4202 | CRITICAL | Patched | 9.8 | 2010-11-06 | Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of service or possibly have unspecified other impact via a c… |
| CVE-2010-4203 | CRITICAL | Patched | 9.8 | 2010-11-06 | WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to cause a denial of service (memory corruption) or po… |
| CVE-2010-4204 | CRITICAL | Patched | 9.8 | 2010-11-06 | WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object after this object has been destroyed, which allows r… |
| CVE-2010-4205 | CRITICAL | Patched | 9.8 | 2010-11-06 | Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers to cause a denial of service or possibly have unspec… |
| CVE-2010-1378 | CRITICAL | Patched | 9.8 | 2010-11-15 | OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to bypass X.509 certificate authentication via an arbitra… |
| CVE-2010-4478 | CRITICAL | Patched | 9.8 | 2010-12-06 | OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need f… |
| CVE-2010-4344 | CRITICAL | Patched | 9.8 | 2010-12-14 | Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session that include… |
| CVE-2011-0657 | CRITICAL | 9.8 | 2011-04-13 | DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Win… | |
| CVE-2011-1889 | CRITICAL | 9.8 | 2011-06-16 | The NSPLookupServiceNext function in the client in Microsoft Forefront Threat Management Gateway (TMG) 2010 allows remote attackers to execute arbitrary code via vectors in… | |
| CVE-2011-3544 | CRITICAL | Patched | 9.8 | 2011-10-19 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start appli… |
| CVE-2011-2013 | CRITICAL | 9.8 | 2011-11-08 | Integer overflow in the TCP/IP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to… | |
| CVE-2011-2462 | CRITICAL | Patched | 9.8 | 2011-12-07 | Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows re… |
| CVE-2012-0391 | CRITICAL | Patched | 9.8 | 2012-01-08 | The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types… |
| CVE-2011-4372 | CRITICAL | Patched | 9.8 | 2012-01-10 | Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corrupti… |
| CVE-2011-4373 | CRITICAL | Patched | 9.8 | 2012-01-10 | Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corrupti… |
| CVE-2012-0931 | CRITICAL | 9.8 | 2012-01-28 | Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or pos… | |
| CVE-2012-1710 | CRITICAL | 9.8 | 2012-05-03 | Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integr… | |
| CVE-2012-1516 | CRITICAL | 9.9 | 2012-05-04 | The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memo… | |
| CVE-2012-1823 | CRITICAL | Patched | 9.8 | 2012-05-11 | sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equal… |
| CVE-2012-2926 | CRITICAL | Patched | 9.1 | 2012-05-22 | Atlassian JIRA before 5.0.1; Confluence before 3.5.16, 4.0 before 4.0.7, and 4.1 before 4.1.10; FishEye and Crucible before 2.5.8, 2.6 before 2.6.8, and 2.7 before 2.7.12; … |
| CVE-2011-3188 | CRITICAL | Patched | 9.1 | 2012-05-24 | The (1) IPv4 and (2) IPv6 implementations in the Linux kernel before 3.1 use a modified MD4 algorithm to generate sequence numbers and Fragment Identification values, which… |
| CVE-2012-0507 | CRITICAL | 9.8 | 2012-06-07 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier a… | |
| CVE-2012-1723 | CRITICAL | Patched | 9.8 | 2012-06-16 | Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.… |
| CVE-2012-1891 | CRITICAL | 9.8 | 2012-07-10 | Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbit… | |
| CVE-2012-0911 | CRITICAL | Patched | 9.8 | 2012-07-12 | TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the (1) cookieName to lib/bann… |