Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-4097

    Stack-based buffer overflow in the MplayInputFile function in Serenity Audio Player 3.2.3 and earlier allows remote attackers to execute arbitrary code via a long URL in an M3U file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : serenity_audio_player
    • EPSS Score: %8.00
    • Published: Nov. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4101

    infoRSS 1.1.4.2 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.... Read more

    Affected Products : firefox inforss
    • EPSS Score: %1.46
    • Published: Nov. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4201

    Multiple stack-based buffer overflows in Mp3 Tag Assistant Professional 2.92 build 300 allow remote attackers to execute arbitrary code via an MP3 file with a long string in the (1) ID3v1, (2) ID3v2, or (3) APEv2 metadata field.... Read more

    Affected Products : mp3_tag_assistance_professional
    • EPSS Score: %4.91
    • Published: Dec. 04, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4216

    Directory traversal vulnerability in funzioni/lib/menulast.php in klinza professional cms 5.0.1 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the LANG parameter.... Read more

    Affected Products : klinza_professional_cms
    • EPSS Score: %1.83
    • Published: Dec. 07, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2877

    Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows re... Read more

    Affected Products : webex
    • EPSS Score: %2.46
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2880

    Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a d... Read more

    Affected Products : webex
    • EPSS Score: %2.46
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2186

    Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that "was previously resolved in Shockwave... Read more

    Affected Products : shockwave_player
    • EPSS Score: %5.83
    • Published: Jun. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-0356

    Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx 6.8.0.0 in Viscom Software Movie Player Pro SDK ActiveX 6.8 allows remote attackers to execute arbitrary code via a long strFontName parameter to the DrawT... Read more

    Affected Products : movie_player_pro_sdk_activex
    • EPSS Score: %65.18
    • Published: Jan. 18, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4668

    Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long ID3 tag in an MP3 file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : jetaudio jetaudio
    • EPSS Score: %7.69
    • Published: Mar. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0688

    Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute arbitrary code via a crafted (1) .orb or (2) .ov file.... Read more

    Affected Products : orbital_viewer
    • EPSS Score: %69.65
    • Published: Mar. 19, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4761

    Stack-based buffer overflow in Mini-stream RM Downloader allows remote attackers to execute arbitrary code via a long string in a .smi file.... Read more

    Affected Products : rm_downloader
    • EPSS Score: %6.40
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1175

    Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to have an unspecified impact via a certain XML document that references a crafted web site in the SRC attribute of an image element, related to a "0day Vulnerab... Read more

    • EPSS Score: %18.51
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0589

    The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a craft... Read more

    Affected Products : secure_desktop
    • EPSS Score: %1.57
    • Published: Apr. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1465

    Stack-based buffer overflow in Trellian FTP client 3.01, including 3.1.3.1789, allows remote attackers to execute arbitrary code via a long PASV response.... Read more

    Affected Products : ftp
    • EPSS Score: %65.18
    • Published: Apr. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1597

    Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing an entry with a long filename.... Read more

    Affected Products : zipgenius
    • EPSS Score: %21.97
    • Published: Apr. 29, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1908

    The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance does not properly restrict access to the HTTPDownloadFile, HTTPGetFile, Install, and RunCmd methods, which allows remote attackers to ... Read more

    • EPSS Score: %1.80
    • Published: May. 12, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1913

    The default configuration of pluginlicense.ini for the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance, when downloaded from a server operated by Telefonica or possibly other companies, contai... Read more

    • EPSS Score: %2.96
    • Published: May. 12, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2004

    Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vulnera... Read more

    Affected Products : bs.player
    • EPSS Score: %11.32
    • Published: May. 20, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2009

    Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build 1003, and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long ID3 tag in a .MP3 file. NOTE: some of these d... Read more

    Affected Products : bs.player
    • EPSS Score: %12.61
    • Published: May. 21, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0599

    Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operat... Read more

    • EPSS Score: %0.75
    • Published: May. 27, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 291564 Results