CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-6349 TheΒ iSherlock developed by HGigaΒ has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server. | 9.8 | CRITICAL | β | 0 |
| CVE-2012-0137 Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, ak... | N/A | NONE | β | 0 |
| CVE-2012-0138 Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, ak... | N/A | NONE | β | 0 |
| CVE-2012-0144 Cross-site scripting (XSS) vulnerability in themeweb.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitrar... | N/A | NONE | β | 0 |
| CVE-2013-2760 Buffer overflow in Groovy Media Player 3.2.0 allows remote attackers to execute arbitrary code via a long string in a .m3u file. | N/A | NONE | β | 0 |
| CVE-2012-0145 Cross-site scripting (XSS) vulnerability in wizardlist.aspx in Microsoft Office SharePoint Server 2010 Gold and SP1 and SharePoint Foundation 2010 Gold and SP1 allows remote attackers to inject arbitr... | N/A | NONE | β | 0 |
| CVE-2012-0148 afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 on 64-bit platform... | N/A | NONE | β | 0 |
| CVE-2012-0149 afd.sys in the Ancillary Function Driver in Microsoft Windows Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafte... | N/A | NONE | β | 0 |
| CVE-2012-0150 Buffer overflow in msvcrt.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted media ... | N/A | NONE | β | 0 |
| CVE-2012-0154 Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Wind... | N/A | NONE | β | 0 |
| CVE-2012-0155 Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "VML Remote Code Execution Vulnerab... | N/A | NONE | β | 0 |
| CVE-2012-0757 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff... | N/A | NONE | β | 0 |
| CVE-2012-0759 Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-07... | N/A | NONE | β | 0 |
| CVE-2012-0760 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff... | N/A | NONE | β | 0 |
| CVE-2026-6350 MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code. | 9.8 | CRITICAL | β | 0 |
| CVE-2012-0761 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff... | N/A | NONE | β | 0 |
| CVE-2012-0762 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff... | N/A | NONE | β | 0 |
| CVE-2012-0763 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff... | N/A | NONE | β | 0 |
| CVE-2012-0764 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff... | N/A | NONE | β | 0 |
| CVE-2012-0765 Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in... | N/A | NONE | β | 0 |
| CVE-2012-0766 The Shockwave 3D Asset component in Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a diff... | N/A | NONE | β | 0 |
| CVE-2011-3563 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows ... | N/A | NONE | β | 0 |
| CVE-2012-0497 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, inte... | N/A | NONE | β | 0 |
| CVE-2012-0498 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to af... | N/A | NONE | β | 0 |
| CVE-2012-0499 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier; and Ja... | N/A | NONE | β | 0 |
| CVE-2012-0500 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and JavaFX 2.0.2 and earlier allows remote untrusted Java W... | N/A | NONE | β | 0 |
| CVE-2026-6351 MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files. | 7.5 | HIGH | β | 0 |
| CVE-2012-0501 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to af... | N/A | NONE | β | 0 |
| CVE-2012-0502 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows ... | N/A | NONE | β | 0 |
| CVE-2012-0503 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows ... | N/A | NONE | β | 0 |
| CVE-2012-0504 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, and 6 Update 30 and earlier, allows remote attackers to affect confidentiality, inte... | N/A | NONE | β | 0 |
| CVE-2012-0505 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5 Update 33 and earlier, and 1.4.2_35 and earlier allows re... | N/A | NONE | β | 0 |
| CVE-2012-0506 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, 5.0 Update 33 and earlier, and 1.4.2_35 and earlier allows ... | N/A | NONE | β | 0 |
| CVE-2012-0508 Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX, 1.3.0 and earlier, and 1.2.2 and earlier allows remote attackers to affect confidentiality, integrity, and availability via ... | N/A | NONE | β | 0 |
| CVE-2012-0751 The ActiveX control in Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unsp... | N/A | NONE | β | 0 |
| CVE-2012-0752 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attack... | N/A | NONE | β | 0 |
| CVE-2012-0753 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attack... | N/A | NONE | β | 0 |
| CVE-2023-3634 In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could lead to a complete loss of confidentiality, in... | 8.8 | HIGH | β | 0 |
| CVE-2012-0755 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attack... | N/A | NONE | β | 0 |
| CVE-2012-0756 Adobe Flash Player before 10.3.183.15 and 11.x before 11.1.102.62 on Windows, Mac OS X, Linux, and Solaris; before 11.1.111.6 on Android 2.x and 3.x; and before 11.1.115.6 on Android 4.x allows attack... | N/A | NONE | β | 0 |
| CVE-2011-3015 Multiple integer overflows in the PDF codecs in Google Chrome before 17.0.963.56 allow remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. | N/A | NONE | β | 0 |
| CVE-2013-4330 Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName m... | N/A | NONE | β | 0 |
| CVE-2019-25699 Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and bo... | 7.1 | HIGH | β | 0 |
| CVE-2011-3016 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving counter nodes, rel... | N/A | NONE | β | 0 |
| CVE-2011-3017 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to database handling... | N/A | NONE | β | 0 |
| CVE-2011-3018 Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to path rendering. | N/A | NONE | β | 0 |
| CVE-2011-3019 Heap-based buffer overflow in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted Matroska video (aka MKV) fil... | N/A | NONE | β | 0 |
| CVE-2011-3020 Unspecified vulnerability in the Native Client validator implementation in Google Chrome before 17.0.963.56 has unknown impact and remote attack vectors. | N/A | NONE | β | 0 |
| CVE-2011-3021 Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to subframe loading. | N/A | NONE | β | 0 |
| CVE-2011-3022 translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7 uses an HTTP session to exchange data for translation, which allows remote attackers to obtain sensitive ... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.