Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2007-5244

    Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file fun... Read more

    Affected Products : interbase
    • EPSS Score: %76.30
    • Published: Oct. 06, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5546

    Multiple stack-based buffer overflows in TIBCO SmartPGM FX allow remote attackers to execute arbitrary code or cause a denial of service (service stop and file-transfer outage) via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague... Read more

    Affected Products : smart_pgm_fx
    • EPSS Score: %2.75
    • Published: Oct. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5169

    Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and 7.0.2 on Windows allows user-assisted remote attackers to execute arbitrary code via a long font name in a .PMD file.... Read more

    Affected Products : pagemaker
    • EPSS Score: %34.53
    • Published: Oct. 11, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5826

    Absolute path traversal vulnerability in the EDraw Flowchart ActiveX control in EDImage.ocx 2.0.2005.1104 allows remote attackers to create or overwrite arbitrary files with arbitrary contents via a full pathname in the second argument to the HttpDownload... Read more

    Affected Products : flowchart_activex
    • EPSS Score: %5.46
    • Published: Nov. 05, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6009

    Multiple buffer overflows in ACD products allow user-assisted remote attackers to execute arbitrary code via a long section string in a (1) XBM or (2) XPM file to (a) ID_X.apl or (b) IDE_ACDStd.apl. NOTE: the PSP and LHA vectors are already covered by CV... Read more

    • EPSS Score: %5.57
    • Published: Nov. 15, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6008

    Heap-based buffer overflow in emlsr.dll before 2.0.0.4 in Autonomy (formerly Verity) KeyView Viewer, Filter, and Export SDK allows remote attackers to execute arbitrary code via a long Content-Type header line in an EML file. NOTE: the provenance of this... Read more

    • EPSS Score: %3.63
    • Published: Nov. 15, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6088

    PHP remote file inclusion vulnerability in includes/functions_mod_user.php in phpBBViet 02.03.07 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.... Read more

    Affected Products : phpbbviet
    • EPSS Score: %2.41
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6189

    A certain ActiveX control in (1) OScan8.ocx and (2) Oscan81.ocx in BitDefender Online Anti-Virus Scanner 8.0 allows remote attackers to execute arbitrary code via a long argument to the InitX method that begins with a "%%" sequence, which is misinterprete... Read more

    Affected Products : online_anti-virus_scanner
    • EPSS Score: %13.20
    • Published: Nov. 30, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6436

    Stack-based buffer overflow in JSGCI.DLL in JustSystems Ichitaro 2005, 2006, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted document, as actively exploited in December 2007 by the Tarodrop.F trojan. NOTE: some of t... Read more

    Affected Products : ichitaro ichitaro
    • EPSS Score: %10.71
    • Published: Dec. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0379

    Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, whic... Read more

    Affected Products : crystal_reports_xi
    • EPSS Score: %14.00
    • Published: Jan. 22, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0392

    Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary code via a .dsr file with a long (1) ConnectionName or (2) CommandName line.... Read more

    Affected Products : visual_basic
    • EPSS Score: %53.06
    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0493

    fpx.dll 3.9.8.0 in the FlashPix plugin for IrfanView 4.10 allows remote attackers to execute arbitrary code via a crafted FlashPix (.FPX) file, which triggers heap corruption. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : irfanview
    • EPSS Score: %7.61
    • Published: Jan. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1116

    Insecure method vulnerability in the Web Scan Object ActiveX control (OL2005.dll) in Rising Antivirus Online Scanner allows remote attackers to force the download and execution of arbitrary code by setting the BaseURL property and invoking the UpdateEngin... Read more

    Affected Products : rising_web_scan_object
    • EPSS Score: %6.93
    • Published: Mar. 03, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2551

    The DownloaderActiveX Control (DownloaderActiveX.ocx) in Icona SpA C6 Messenger 1.0.0.1 allows remote attackers to force the download and execution of arbitrary files via a URL in the propDownloadUrl parameter with the propPostDownloadAction parameter set... Read more

    Affected Products : instant_messenger
    • EPSS Score: %85.10
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2635

    Multiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND ... Read more

    Affected Products : bitkinex
    • EPSS Score: %0.15
    • Published: Jun. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2702

    Directory traversal vulnerability in the FTP client in ALTools ESTsoft ALFTP 4.1 beta 2 and 5.0 allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345. NOTE: t... Read more

    Affected Products : alftp
    • EPSS Score: %6.34
    • Published: Jun. 13, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2894

    Directory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.... Read more

    Affected Products : nch_software_classic_ftp
    • EPSS Score: %2.48
    • Published: Jun. 27, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3024

    Stack-based buffer overflow in phgrafx in QNX Momentics (aka RTOS) 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/.... Read more

    Affected Products : qnx_momentics
    • EPSS Score: %1.48
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3239

    Unrestricted file upload vulnerability in the writeLogEntry function in system/v_cron_proc.php in PHPizabi 0.848b C1 HFP1, when register_globals is enabled, allows remote attackers to upload and execute arbitrary code via a filename in the CONF[CRON_LOGFI... Read more

    Affected Products : phpizabi
    • EPSS Score: %5.56
    • Published: Jul. 21, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3733

    Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element.... Read more

    Affected Products : eo-video
    • EPSS Score: %19.32
    • Published: Aug. 20, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 292321 Results