Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-0259

    The Word processor in OpenOffice.org 1.1.2 through 1.1.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploi... Read more

    Affected Products : openoffice.org
    • EPSS Score: %16.93
    • Published: Jan. 22, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0389

    Multiple insecure method vulnerabilities in the Web On Windows (WOW) ActiveX control in WOW ActiveX 2 allow remote attackers to (1) create and overwrite arbitrary files via the WriteIniFileString method, (2) execute arbitrary programs via the ShellExecute... Read more

    Affected Products : web_on_windows_activex
    • EPSS Score: %3.88
    • Published: Feb. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0184

    Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a tor... Read more

    • EPSS Score: %67.53
    • Published: Feb. 03, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0731

    Directory traversal vulnerability in pages/play.php in Free Arcade Script 1.0 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the template parameter.... Read more

    Affected Products : free_arcade_script
    • EPSS Score: %2.31
    • Published: Feb. 24, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0187

    Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "C... Read more

    Affected Products : orbit_downloader
    • EPSS Score: %75.65
    • Published: Feb. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5542

    Stack-based buffer overflow in Miranda IM 0.6.8 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.... Read more

    Affected Products : miranda_im
    • EPSS Score: %4.04
    • Published: Mar. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5543

    Stack-based buffer overflow in Miranda IM 0.6.8 and 0.7.0 allows remote attackers to execute arbitrary code via a crafted Yahoo! Messenger packet. NOTE: this might overlap CVE-2007-5590.... Read more

    Affected Products : miranda_im
    • EPSS Score: %4.04
    • Published: Mar. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1028

    Stack-based buffer overflow in ediSys eZip Wizard 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file.... Read more

    Affected Products : ezip_wizard
    • EPSS Score: %67.09
    • Published: Mar. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1040

    Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file.... Read more

    Affected Products : winasm_studio
    • EPSS Score: %8.51
    • Published: Mar. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1054

    Unspecified vulnerability in JustSystems Ichitaro 13, 2004 through 2008, Lite2, and Ichitaro viewer 5.1.5.0 and earlier allows remote attackers to execute arbitrary code via a crafted file, as exploited in the wild by Trojan.Tarodrop.H in March 2009.... Read more

    Affected Products : ichitaro ichitaro ichitaro_viewer
    • EPSS Score: %6.46
    • Published: Mar. 24, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1092

    Use-after-free vulnerability in the LIVEAUDIO.LiveAudioCtrl.1 ActiveX control in LIVEAU~1.OCX 7.0 for GeoVision DVR systems allows remote attackers to execute arbitrary code by calling the GetAudioPlayingTime method with certain arguments.... Read more

    Affected Products : liveaudio_activex_control
    • EPSS Score: %5.49
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-6563

    Buffer overflow in the XML parser in Trillian 3.1.9.0, and possibly earlier, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DTD file.... Read more

    Affected Products : trillian
    • EPSS Score: %7.49
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-6583

    Buffer overflow in BS.player 2.27 build 959 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .SRT file.... Read more

    Affected Products : bs.player
    • EPSS Score: %5.44
    • Published: Apr. 03, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-13249

    In impeg2d_api_set_display_frame of impeg2d_api_main.c, there is an out of bound write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Pro... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-1329

    Stack-based buffer overflow in Mini-stream Shadow Stream Recorder 3.0.1.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.... Read more

    Affected Products : shadow_stream_recorder
    • EPSS Score: %9.71
    • Published: Apr. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1437

    Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.6 and earlier allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file. NOTE: this may overlap CVE-2008-3408.... Read more

    Affected Products : coolplayer
    • EPSS Score: %9.71
    • Published: Apr. 27, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1449

    Stack-based buffer overflow in PortableApps CoolPlayer Portable (aka CoolPlayer+ Portable) 2.19.1 allows remote attackers to execute arbitrary code via a skin file (skin.ini) with a large PlaylistSkin parameter. NOTE: this may overlap CVE-2008-5735.... Read more

    Affected Products : coolplayer
    • EPSS Score: %6.89
    • Published: Apr. 27, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1497

    Stack-based buffer overflow in srt2smi.exe in Gretech Online Movie Player (GOM Player) 2.1.16.4635 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long string in an SRT file.... Read more

    Affected Products : gom_player
    • EPSS Score: %10.90
    • Published: May. 01, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0194

    The domain-locking implementation in the GARMINAXCONTROL.GarminAxControl_t.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that (1) download and (2) upload requests come from a web si... Read more

    Affected Products : garmin_communicator_plugin
    • EPSS Score: %1.32
    • Published: May. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1600

    Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on acce... Read more

    Affected Products : safari acrobat_reader
    • EPSS Score: %0.24
    • Published: May. 11, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 291741 Results