Total
7347 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-0536 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-22 | 10.0 HIGH | N/A |
| Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | |||||
| CVE-2014-0535 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-22 | 7.5 HIGH | N/A |
| Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0534. | |||||
| CVE-2014-0534 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-22 | 7.5 HIGH | N/A |
| Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2014-0535. | |||||
| CVE-2014-0533 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0532. | |||||
| CVE-2014-0532 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0531 and CVE-2014-0533. | |||||
| CVE-2014-0531 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 13.0.0.223 and 14.x before 14.0.0.125 on Windows and OS X and before 11.2.202.378 on Linux, Adobe AIR before 14.0.0.110, Adobe AIR SDK before 14.0.0.110, and Adobe AIR SDK & Compiler before 14.0.0.110 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2014-0532 and CVE-2014-0533. | |||||
| CVE-2011-0817 | 2 Microsoft, Sun | 3 Windows, Jdk, Jre | 2017-12-22 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | |||||
| CVE-2011-0788 | 2 Microsoft, Sun | 3 Windows, Jdk, Jre | 2017-12-22 | 7.6 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0786. | |||||
| CVE-2011-0786 | 2 Microsoft, Sun | 3 Windows, Jdk, Jre | 2017-12-22 | 7.6 HIGH | N/A |
| Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 25 and earlier, when running on Windows, allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2011-0788. | |||||
| CVE-2017-17069 | 2 Amazon, Microsoft | 2 Audible, Windows | 2017-12-20 | 9.3 HIGH | 7.8 HIGH |
| ActiveSetupN.exe in Amazon Audible for Windows before November 2017 allows attackers to execute arbitrary DLL code if ActiveSetupN.exe is launched from a directory where an attacker has already created a Trojan horse dwmapi.dll file. | |||||
| CVE-2014-0509 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-16 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2014-0508 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-16 | 5.0 MEDIUM | N/A |
| Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allow attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | |||||
| CVE-2014-0507 | 4 Adobe, Apple, Linux and 1 more | 6 Adobe Air, Adobe Air Sdk, Flash Player and 3 more | 2017-12-16 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2014-0506 | 2 Adobe, Microsoft | 2 Flash Player, Windows | 2017-12-16 | 10.0 HIGH | N/A |
| Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on Android, Adobe AIR SDK before 13.0.0.83, and Adobe AIR SDK & Compiler before 13.0.0.83 allows remote attackers to execute arbitrary code, and possibly bypass an Internet Explorer sandbox protection mechanism, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. | |||||
| CVE-2017-3104 | 2 Adobe, Microsoft | 2 Robohelp, Windows | 2017-12-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe RoboHelp has a cross-site scripting (XSS) vulnerability. This affects versions before RH12.0.4.460 and RH2017 before RH2017.0.2. | |||||
| CVE-2017-3105 | 2 Adobe, Microsoft | 2 Robohelp, Windows | 2017-12-14 | 5.8 MEDIUM | 6.1 MEDIUM |
| Adobe RoboHelp has an Open Redirect vulnerability. This affects versions before RH12.0.4.460 and RH2017 before RH2017.0.2. | |||||
| CVE-2017-10887 | 2 Bookwalker, Microsoft | 2 Book Walker, Windows | 2017-12-04 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2016-6803 | 2 Apache, Microsoft | 2 Openoffice, Windows | 2017-11-29 | 9.3 HIGH | 7.8 HIGH |
| An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The PC must have previously been infected by a Trojan Horse application (or user) running with administrative privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. | |||||
| CVE-2016-4118 | 2 Adobe, Microsoft | 2 Connect, Windows | 2017-11-29 | 7.2 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer in Adobe Connect Add-In before 11.9.976.291 on Windows allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2008-3628 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2017-11-22 | 9.3 HIGH | N/A |
| Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, related to an "invalid pointer issue." | |||||