Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 77 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-12-10 | CVE-2014-8453 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-12-10 | CVE-2014-8452 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-12-10 | CVE-2014-8451 | An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8448. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-12-10 | CVE-2014-8449 | Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-12-10 | CVE-2014-8448 | An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-12-10 | CVE-2014-8447 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-12-10 | CVE-2014-8446 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-12-10 | CVE-2014-8445 | Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. | Acrobat, Acrobat_reader, Mac_os_x, Windows | N/A | ||
| 2014-10-15 | CVE-2014-7237 | lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier, when running on Windows, allows remote attackers to bypass intended access restrictions and upload files with restricted names via a null byte (%00) in a filename to bin/upload.cgi, as demonstrated using .htaccess to execute arbitrary code. | Windows, Twiki | N/A | ||
| 2011-10-19 | CVE-2011-3310 | The Home Page component in Cisco CiscoWorks Common Services before 4.1 on Windows, as used in CiscoWorks LAN Management Solution, Cisco Security Manager, Cisco Unified Service Monitor, Cisco Unified Operations Manager, CiscoWorks QoS Policy Manager, and CiscoWorks Voice Manager, allows remote authenticated users to execute arbitrary commands via a crafted URL, aka Bug IDs CSCtq48990, CSCtq63992, CSCtq64011, CSCtq64019, CSCtr23090, and CSCtt25535. | Ciscoworks_common_services, Windows | N/A |