Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2008-2886

    PHP remote file inclusion vulnerability in include/plugins/jrBrowser/purchase.php in Jamroom 3.3.0 through 3.3.5, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the jamroom[jm_dir] parameter.... Read more

    Affected Products : jamroom
    • EPSS Score: %5.13
    • Published: Jun. 27, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2910

    Buffer overflow in the DXTTextOutEffect ActiveX control (aka the Text-Effect DXT Filter), as distributed in TextOut.dll 6.0.18.1 and mvtextout.dll, in muvee autoProducer 6.0 and 6.1 allows remote attackers to execute arbitrary code via a long FontSetting ... Read more

    Affected Products : autoproducer
    • EPSS Score: %7.54
    • Published: Jun. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2959

    Buffer overflow in a certain ActiveX control (vb6skit.dll) in Microsoft Visual Basic Enterprise Edition 6.0 SP6 might allow remote attackers to execute arbitrary code via a long lpstrLinkPath argument to the fCreateShellLink function.... Read more

    Affected Products : visual_basic_enterprise_edition
    • EPSS Score: %34.70
    • Published: Jul. 02, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3024

    Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.... Read more

    Affected Products : qnx_momentics
    • EPSS Score: %1.48
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3207

    PHP remote file inclusion vulnerability in cms/modules/form.lib.php in Pragyan CMS 2.6.2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the (1) sourceFolder or (2) moduleFolder parameter.... Read more

    Affected Products : praygan_cms
    • EPSS Score: %3.73
    • Published: Jul. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3239

    Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote attackers to upload and execute arbitrary code via a filename in the CONF[CRON_LOGFI... Read more

    Affected Products : phpizabi
    • EPSS Score: %5.56
    • Published: Jul. 21, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2952

    Multiple stack-based buffer overflows in the filter service (aka k9filter.exe) in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow (1) remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administra... Read more

    Affected Products : filter k9_web_protection
    • EPSS Score: %18.32
    • Published: Aug. 01, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3733

    Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.... Read more

    Affected Products : eo-video
    • EPSS Score: %19.32
    • Published: Aug. 20, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3877

    Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted attackers to execute arbitrary code via a crafted .mx4 file. NOTE: it was later reported that version 3 is also affected.... Read more

    Affected Products : mixcraft
    • EPSS Score: %22.52
    • Published: Sep. 02, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3919

    Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008.... Read more

    Affected Products : ichitaro
    • EPSS Score: %6.46
    • Published: Sep. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3957

    The Microsoft Windows Image Acquisition Logger ActiveX control allows remote attackers to force the download of arbitrary files onto a client system via a URL in the first argument to the Open method, in conjunction with a full destination pathname in the... Read more

    Affected Products : windows_image_acquisition_logger
    • EPSS Score: %33.27
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3961

    Multiple unspecified vulnerabilities in Adobe Illustrator CS2 on Macintosh allow user-assisted attackers to execute arbitrary code via a crafted AI file.... Read more

    Affected Products : illustrator
    • EPSS Score: %3.48
    • Published: Sep. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4116

    Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3)... Read more

    Affected Products : itunes quicktime
    • EPSS Score: %9.68
    • Published: Sep. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4132

    Stack-based buffer overflow in the VSFlexGrid.VSFlexGridL ActiveX control in ComponentOne VSFlexGrid 7.0.1.151 and 8.0.20072.239 allows remote attackers to execute arbitrary code via a long first argument to the Archive method. NOTE: the provenance of th... Read more

    Affected Products : vsflexgrid
    • EPSS Score: %4.78
    • Published: Sep. 19, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4396

    Stack-based buffer overflow in Safer Networking FileAlyzer 1.6.0.0 and 1.6.0.4 beta, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via an executable with malformed version data.... Read more

    Affected Products : filealyzer
    • EPSS Score: %4.21
    • Published: Oct. 02, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4434

    Stack-based buffer overflow in (1) uTorrent 1.7.7 build 8179 and earlier and (2) BitTorrent 6.0.3 build 8642 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Created By field in a .tor... Read more

    Affected Products : utorrent bittorrent
    • EPSS Score: %22.29
    • Published: Oct. 03, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4547

    Heap-based buffer overflow in the PdvrAtl.PdvrOcx.1 ActiveX control (pdvratl.dll) in DVRHOST Web CMS OCX 1.0.1.25 allows remote attackers to execute arbitrary code via a long second argument to the TimeSpanFormat method.... Read more

    Affected Products : dvrstation_cms
    • EPSS Score: %12.37
    • Published: Oct. 14, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4719

    PHP remote file inclusion vulnerability in cms/classes/openengine/filepool.php in openEngine 2.0 beta2, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the oe_classpath parameter, a different vector tha... Read more

    Affected Products : openengine
    • EPSS Score: %1.01
    • Published: Oct. 23, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4922

    Buffer overflow in the DjVu ActiveX Control 3.0 for Microsoft Office (DjVu_ActiveX_MSOffice.dll) allows remote attackers to execute arbitrary code via a long (1) ImageURL property, and possibly the (2) Mode, (3) Page, or (4) Zoom properties.... Read more

    • EPSS Score: %67.09
    • Published: Nov. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5089

    Multiple insecure method vulnerabilities in the DDActiveReportsViewer2.ARViewer2 ActiveX control (arview2.ocx) in Data Dynamics ActiveReports 2.5.0.1314 allow remote attackers to overwrite arbitrary files via a call to the (1) Pages.Save, (2) PrintReport,... Read more

    Affected Products : activereports
    • EPSS Score: %0.86
    • Published: Nov. 14, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291737 Results