Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-5272

    Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adobe AIR before 3.4.0.... Read more

    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5262

    Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11.2.202.243 on Linux, before 11.1.111.19 on Android 2.x and 3.x, and before 11.1.115.20 on Android 4.x; Adob... Read more

    • Published: Oct. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2021-26810

    D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dir_setWanWifi, which can lead to command injection via shell metacha... Read more

    • Published: Mar. 30, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-4149

    Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3963

    Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to exec... Read more

    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3284

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512.... Read more

    • Published: Feb. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2790

    Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-... Read more

    Affected Products : ffmpeg libav
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2779

    Unspecified vulnerability in the decode_frame function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half ini... Read more

    Affected Products : ffmpeg libav
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2653

    arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.... Read more

    Affected Products : arpwatch
    • Published: Jul. 12, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1799

    The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force ... Read more

    • Published: Apr. 18, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2021-26607

    An Improper input validation in execDefaultBrowser method of NEXACRO17 allows a remote attacker to execute arbitrary command on affected systems.... Read more

    Affected Products : windows nexacro
    • Published: Oct. 26, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-2042

    Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026.... Read more

    Affected Products : illustrator illustrator_cs5.5
    • Published: May. 24, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1531

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect... Read more

    Affected Products : jdk jre jre jdk javafx
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2021-26709

    D-Link DSL-320B-D1 devices through EU_1.25 are prone to multiple Stack-Based Buffer Overflows that allow unauthenticated remote attackers to take over a device via the login.xgi user and pass parameters. NOTE: This vulnerability only affects products that... Read more

    Affected Products : dsl-320b-d1 dsl-320b-d1
    • Published: Apr. 07, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2995

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) o... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Sep. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2987

    Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to ex... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2921

    ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.... Read more

    Affected Products : ktsuss
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-26275

    The eslint-fixer package through 0.1.5 for Node.js allows command injection via shell metacharacters to the fix function. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. The ozum/eslint-fixer GitHub repositor... Read more

    Affected Products : eslint-fixer
    • Published: Mar. 19, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2767

    mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HT... Read more

    • Published: Aug. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2764

    The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows... Read more

    • Published: Aug. 04, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 292803 Results