Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-0386

    The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.... Read more

    • EPSS Score: %3.15
    • Published: Feb. 25, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1719

    Multiple stack-based buffer overflows in the Web Viewer ActiveX controls in CA Output Management Web Viewer 11.0 and 11.5 allow remote attackers to execute arbitrary code via (1) a long SRC property value to the PPSViewer ActiveX control in PPSView.ocx be... Read more

    • EPSS Score: %16.64
    • Published: Apr. 27, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2075

    Unspecified vulnerability in Google Chrome 11.0.696.65 on Windows 7 SP1 allows remote attackers to execute arbitrary code via unknown vectors. NOTE: as of 20110510, the only disclosure is a vague advisory that possibly relates to multiple vulnerabilities... Read more

    Affected Products : windows_7 chrome
    • EPSS Score: %2.98
    • Published: May. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2089

    Stack-based buffer overflow in the SetActiveXGUID method in the VersionInfo ActiveX control in GenVersion.dll 8.0.138.0 in the WebHMI subsystem in ICONICS BizViz 9.x before 9.22 and GENESIS32 9.x before 9.22 allows remote attackers to execute arbitrary co... Read more

    Affected Products : genesis32 bizviz
    • EPSS Score: %76.01
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2160

    The VC-1 decoding functionality in FFmpeg before 0.5.4, as used in MPlayer and other products, does not properly restrict read operations, which allows remote attackers to have an unspecified impact via a crafted VC-1 file, a related issue to CVE-2011-072... Read more

    Affected Products : ffmpeg mplayer
    • EPSS Score: %0.75
    • Published: May. 20, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1645

    The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configura... Read more

    • EPSS Score: %1.65
    • Published: May. 31, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1336

    Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file.... Read more

    Affected Products : alzip
    • EPSS Score: %7.87
    • Published: Jul. 07, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2962

    Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls.... Read more

    Affected Products : wonderware_information_server
    • EPSS Score: %4.07
    • Published: Jul. 29, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2590

    The Play method in the UUPlayer ActiveX control 6.0.0.1 in UUSee 2010 6.11.0609.2 allows remote attackers to execute arbitrary programs via a UNC share pathname in the MPlayerPath parameter.... Read more

    Affected Products : uuplayer_activex_control uusee
    • EPSS Score: %0.86
    • Published: Aug. 09, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3141

    Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.... Read more

    Affected Products : wonderware_inbatch
    • EPSS Score: %3.66
    • Published: Aug. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2594

    Heap-based buffer overflow in KMPlayer 3.0.0.1441, and possibly other versions, allows remote attackers to execute arbitrary code via a playlist (.KPL) file with a long Title field.... Read more

    Affected Products : kmplayer
    • EPSS Score: %7.46
    • Published: Sep. 02, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2443

    Multiple buffer overflows in Adobe Photoshop Elements 8.0 and earlier allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted (1) .grd or (2) .abr file, a related issue... Read more

    Affected Products : photoshop_elements
    • EPSS Score: %45.19
    • Published: Oct. 04, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4004

    Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.... Read more

    Affected Products : webex_recording_format_player
    • EPSS Score: %3.57
    • Published: Oct. 27, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1367

    Unspecified vulnerability in the File Load feature in IBM Rational AppScan Standard and Express 7.8.x, 7.9.x, and 8.0.x before 8.0.0.3 allows remote attackers to execute arbitrary commands via a crafted .scan file.... Read more

    Affected Products : rational_appscan
    • EPSS Score: %1.15
    • Published: Oct. 30, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4223

    Unspecified vulnerability in Investintech.com Absolute PDF Server allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.... Read more

    Affected Products : absolute_pdf_server
    • EPSS Score: %2.79
    • Published: Nov. 01, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4034

    Buffer overflow in the Steema TeeChart ActiveX control, as used in Schneider Electric Vijeo Historian 4.30 and earlier, CitectHistorian 4.30 and earlier, and CitectSCADAReports 4.10 and earlier, allows remote attackers to execute arbitrary code or cause a... Read more

    • EPSS Score: %4.42
    • Published: Dec. 02, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4854

    The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 does not ensure that Content-Type HTTP headers match the corresponding Content-Type data in HTML META elements, which might allow remote attackers to have an unspecified impact by leveragi... Read more

    • EPSS Score: %0.73
    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4508

    The HMI web server in Siemens WinCC flexible 2004, 2005, 2007, and 2008 before SP3; WinCC V11 (aka TIA portal) before SP2 Update 1; the TP, OP, MP, Comfort Panels, and Mobile Panels SIMATIC HMI panels; WinCC V11 Runtime Advanced; and WinCC flexible Runtim... Read more

    • EPSS Score: %0.19
    • Published: Feb. 03, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0736

    IBM Rational AppScan Enterprise 5.x and 8.x before 8.5.0.1 does not properly create scan jobs, which allows remote attackers to execute arbitrary code via a crafted web site.... Read more

    Affected Products : rational_appscan
    • EPSS Score: %3.83
    • Published: May. 03, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-2611

    The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute a... Read more

    Affected Products : netweaver
    • EPSS Score: %77.66
    • Published: May. 15, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291564 Results