Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-0982

    Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces.... Read more

    Affected Products : chrome
    • EPSS Score: %2.99
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4135

    Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: th... Read more

    Affected Products : flexnet_publisher
    • EPSS Score: %10.61
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0264

    Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %49.38
    • Published: Jan. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4714

    Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in th... Read more

    Affected Products : groupwise
    • EPSS Score: %2.52
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4467

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, an... Read more

    Affected Products : jre jdk
    • EPSS Score: %3.46
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3571

    Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previou... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %14.12
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3085

    The network-play implementation in Mednafen before 0.8.D might allow remote servers to execute arbitrary code via unspecified vectors, related to "stack manipulation" issues.... Read more

    Affected Products : mednafen
    • EPSS Score: %0.85
    • Published: Oct. 12, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-3677

    The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly verify the credentials in an MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP... Read more

    • EPSS Score: %60.94
    • Published: Dec. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3381

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • EPSS Score: %6.19
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3079

    Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.... Read more

    Affected Products : firefox
    • EPSS Score: %1.60
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2523

    The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequest... Read more

    Affected Products : windows_2000
    • EPSS Score: %11.46
    • Published: Nov. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1119

    Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.... Read more

    Affected Products : replistor emc_replistor
    • EPSS Score: %11.84
    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0065

    Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large strea... Read more

    Affected Products : linux_kernel
    • EPSS Score: %8.94
    • Published: Jan. 07, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6021

    Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis."... Read more

    Affected Products : reflection_for_secure_it
    • EPSS Score: %0.40
    • Published: Feb. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5317

    Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine (aka lcms) before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperl... Read more

    Affected Products : little_cms_color_engine lcms
    • EPSS Score: %0.95
    • Published: Dec. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5030

    Heap-based buffer overflow in the cddb_read_disc_data function in cddb.c in libcdaudio 0.99.12p2 allows remote CDDB servers to execute arbitrary code via long CDDB data.... Read more

    Affected Products : libcaudio
    • EPSS Score: %6.48
    • Published: Nov. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4193

    Stack-based buffer overflow in SecurityGateway.dll in Alt-N Technologies SecurityGateway 1.0.1 allows remote attackers to execute arbitrary code via a long username parameter.... Read more

    Affected Products : securitygateway
    • EPSS Score: %80.45
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4061

    Integer overflow in the MathML component in Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, Thunderbird before 2.0.0.17, and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (memory corruption and application crash) or po... Read more

    • EPSS Score: %1.43
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3641

    The Hewlett-Packard Graphics Language (HPGL) filter in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via crafted pen width and pen color opcodes that overwrite arbitrary memory.... Read more

    Affected Products : cups
    • EPSS Score: %49.02
    • Published: Oct. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3112

    Directory traversal vulnerability in Sun Java Web Start in JDK and JRE 6 before Update 7, JDK and JRE 5.0 before Update 16, and SDK and JRE 1.4.x before 1.4.2_18 allows remote attackers to create arbitrary files via the writeManifest method in the CacheEn... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %8.38
    • Published: Jul. 09, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292495 Results