Vulnérabilités des apps mobiles
155 entrées
| CVE | Sévérité | KEV | Publié | Description |
|---|---|---|---|---|
| CVE-2016-7201 | HIGH 8.8 | KEV | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via… | |
| CVE-2016-7200 | HIGH 8.8 | KEV | The Chakra JavaScript scripting engine in Microsoft Edge allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via… | |
| CVE-2016-7193 | HIGH 7.8 | KEV | Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word… | |
| CVE-2016-3351 | MEDIUM 6.5 | KEV | Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to obtain sensitive information via a crafted web site, aka "Microsoft Brows… | |
| CVE-2016-1646 | HIGH 8.8 | KEV | The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data t… | |
| CVE-2015-4495 | HIGH 8.8 | KEV | The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Po… | |
| CVE-2015-2424 | HIGH 8.8 | KEV | Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote a… | |
| CVE-2015-1641 | HIGH 7.8 | KEV | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Ser… | |
| CVE-2015-0313 | CRITICAL 9.8 | KEV | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Lin… | |
| CVE-2015-0311 | CRITICAL 9.8 | KEV | Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on … | |
| CVE-2014-0546 | CRITICAL 9.8 | KEV | Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers to bypass a sandbox protection mechanism, and consequently exec… | |
| CVE-2014-1761 | HIGH 7.8 | KEV | Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Servic… | |
| CVE-2014-0497 | CRITICAL 9.8 | KEV | Integer underflow in Adobe Flash Player before 11.7.700.261 and 11.8.x through 12.0.x before 12.0.0.44 on Windows and Mac OS X, and before 11.2.202.336 on Linu… | |
| CVE-2013-3346 | CRITICAL 9.8 | KEV | Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (… | |
| CVE-2013-1690 | HIGH 8.8 | KEV | Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadyst… | |
| CVE-2013-2729 | CRITICAL 9.8 | KEV | Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspe… | |
| CVE-2013-1675 | MEDIUM 6.5 | KEV | Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 do not properly initialize data … | |
| CVE-2013-0640 | HIGH 7.8 | KEV | Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of se… | |
| CVE-2013-0641 | HIGH 7.8 | KEV | Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via… | |
| CVE-2012-2539 | HIGH 7.8 | KEV | Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attacker… | |
| CVE-2011-2462 | CRITICAL 9.8 | KEV | Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UN… | |
| CVE-2011-0611 | HIGH 8.8 | KEV | Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay… | |
| CVE-2011-0609 | HIGH 7.8 | KEV | Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR… | |
| CVE-2010-2572 | HIGH 7.8 | KEV | Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "Powe… | |
| CVE-2010-3765 | CRITICAL 9.8 | KEV | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, and SeaMonkey 2.x before 2.0.10, when Ja… | |
| CVE-2010-2883 | HIGH 7.3 | KEV | Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers t… | |
| CVE-2010-0188 | HIGH 7.8 | KEV | Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) o… | |
| CVE-2009-4324 | HIGH 7.8 | KEV | Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and … | |
| CVE-2009-3129 | HIGH 7.8 | KEV | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003… | |
| CVE-2009-1862 | HIGH 7.8 | KEV | Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remot… | |
| CVE-2009-0556 | HIGH 8.8 | KEV | Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary cod… | |
| CVE-2009-0927 | HIGH 8.8 | KEV | Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary co… | |
| CVE-2009-0238 | HIGH 8.8 | KEV | Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerP… | |
| CVE-2008-2992 | HIGH 7.8 | KEV | Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.… | |
| CVE-2007-5659 | HIGH 7.8 | KEV | Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to … | |
| CVE-2008-0655 | HIGH 8.8 | KEV | Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors. | |
| CVE-2007-0671 | HIGH 8.8 | KEV | Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to exe… | |
| CVE-2024-4367 | HIGH 8.8 | — | A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Fire… | |
| CVE-2000-0524 | N/A | — | Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Re… | |
| CVE-2000-0415 | N/A | — | Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long … | |
| CVE-2000-0419 | N/A | — | The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" functi… | |
| CVE-2000-0277 | N/A | — | Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to ex… | |
| CVE-2000-0216 | N/A | — | Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attac… | |
| CVE-2000-0160 | N/A | — | The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the use… | |
| CVE-2000-0088 | N/A | — | Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conver… | |
| CVE-1999-1474 | N/A | — | PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when … | |
| CVE-1999-1055 | N/A | — | Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL fun… | |
| CVE-2000-0329 | N/A | — | A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an attachment and an embedded script in an HTML mail, aka the "Act… | |
| CVE-1999-0354 | N/A | — | Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn… | |
| CVE-1999-0794 | N/A | — | Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. |