Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2018-0555

    Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file.... Read more

    Affected Products : wzr-1750dhp2_firmware wzr-1750dhp2
    • EPSS Score: %0.45
    • Published: Apr. 09, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-3088

    Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua1316... Read more

    Affected Products : anyconnect_secure_mobility_client
    • EPSS Score: %0.48
    • Published: Sep. 16, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-0175

    Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file.... Read more

    Affected Products : mp3_trackmaker
    • EPSS Score: %7.86
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0181

    Buffer overflow in VUPlayer allows user-assisted attackers to have an unknown impact via a long file, as demonstrated by a file composed entirely of 'A' characters.... Read more

    Affected Products : vuplayer
    • EPSS Score: %0.34
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-9427

    In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. P... Read more

    Affected Products : android
    • EPSS Score: %3.06
    • Published: Nov. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9550

    In CAacDecoder_Init of aacdecoder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: An... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0465

    The SaveDoc method in the All_In_The_Box.AllBox ActiveX control in ALL_IN_THE_BOX.OCX in Synactis ALL In-The-Box ActiveX 3 allows remote attackers to create and overwrite arbitrary files via an argument ending in a '\0' character, which bypasses the inten... Read more

    Affected Products : all_in_the_box.ocx
    • EPSS Score: %6.77
    • Published: Feb. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-11285

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429,... Read more

    • EPSS Score: %0.10
    • Published: Sep. 20, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0569

    Buffer overflow in Becky! Internet Mail 2.48.02 and earlier allows remote attackers to execute arbitrary code via a mail message with a crafted return receipt request.... Read more

    Affected Products : becky\!_internet_mail
    • EPSS Score: %11.68
    • Published: Feb. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-11551

    AXON PBX 2.02 contains a DLL hijacking vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability exists because a DLL file is loaded by 'pbxsetup.exe' improperly.... Read more

    Affected Products : axon_pbx
    • EPSS Score: %1.43
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0811

    Insecure method vulnerability in the SopCast SopCore ActiveX control in sopocx.ocx 3.0.3.501 allows remote attackers to execute arbitrary programs via an executable file name in the argument to the SetExternalPlayer method.... Read more

    Affected Products : sopcore_activex_control
    • EPSS Score: %1.86
    • Published: Mar. 04, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-7444

    In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed.... Read more

    Affected Products : system_recovery
    • EPSS Score: %0.12
    • Published: Apr. 05, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2010-1279

    Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x before 11.0.1 allow user-assisted remote attackers to execute arbitrary code via a crafted TIFF file.... Read more

    Affected Products : photoshop photoshop_cs4
    • EPSS Score: %7.46
    • Published: May. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2054

    Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors.... Read more

    Affected Products : ciscoworks_common_services
    • EPSS Score: %4.63
    • Published: May. 29, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-0501

    The EdrawSoft EDOFFICE.EDOfficeCtrl.1 ActiveX control, as used in Edraw Office Viewer Component, the client in IBM Cognos Disclosure Management (CDM) 10.2.0, and other products, allows remote attackers to read arbitrary files, or download an arbitrary pro... Read more

    Affected Products : cognos_disclosure_management
    • EPSS Score: %0.75
    • Published: Apr. 12, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-8170

    Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP which has the root privilege; the APP can send a... Read more

    Affected Products : vie-l09_firmware vie-l09
    • EPSS Score: %0.18
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8210

    The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user ... Read more

    • EPSS Score: %0.18
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8212

    The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360 have a buffer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user ... Read more

    • EPSS Score: %0.18
    • Published: Nov. 22, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8268

    In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read.... Read more

    Affected Products : android
    • EPSS Score: %0.09
    • Published: Aug. 18, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2013-0655

    The client in Schneider Electric Software Update (SESU) Utility 1.0.x and 1.1.x does not ensure that updates have a valid origin, which allows man-in-the-middle attackers to spoof updates, and consequently execute arbitrary code, by modifying the data str... Read more

    • EPSS Score: %1.58
    • Published: Jan. 21, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 291808 Results