Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2007-0879

    Buffer overflow in SmidgeonSoft PEBrowse Professional 8.2.1.0 allows user-assisted remote attackers to execute arbitrary code via certain executable files in PE format. NOTE: the provenance of this information is unknown; the details are obtained solely ... Read more

    Affected Products : pebrowse
    • Published: Feb. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1784

    The JNILoader ActiveX control (STJNILoader.ocx) 3.1.0.26 in IBM Lotus Notes Sametime before 7.5 allows remote attackers to load arbitrary DLL libraries and execute arbitrary code via arbitrary arguments to the loadLibrary function.... Read more

    • Published: Mar. 31, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3924

    Argument injection vulnerability in Microsoft Internet Explorer, when running on systems with Netscape installed and certain URIs registered, allows remote attackers to conduct cross-browser scripting attacks and execute arbitrary commands via shell metac... Read more

    Affected Products : internet_explorer navigator
    • Published: Jul. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5213

    Multiple cross-site request forgery (CSRF) vulnerabilities in the AXIS 2100 Network Camera 2.02 with firmware 2.43 and earlier allow remote attackers to perform actions as administrators, as demonstrated by (1) an SMTP server change through the conf_SMTP_... Read more

    • Published: Oct. 04, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5687

    Multiple buffer overflows in the rich text processing functionality in JustSystems Ichitaro 2004 through 2007, 11 through 13, and other versions allow remote attackers to execute arbitrary code via a long (1) pard field or (2) font name in the fcharset0 f... Read more

    Affected Products : ichitaro ichitaro
    • Published: Oct. 28, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6254

    Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : businessobjects business_objects
    • Published: Mar. 20, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6278

    Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allows user-assisted remote attackers to force a client to download arbitrary files via the MIME-Type URL flag (-->) for the FLAC image file in a crafted .FLAC file.... Read more

    Affected Products : libflac
    • Published: Dec. 07, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5696

    Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the ApacheAdmin console, which allows remote attackers to reconfigure the Apache HTTP Server via console operations.... Read more

    Affected Products : netware netware
    • Published: Dec. 19, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0228

    Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators.... Read more

    Affected Products : wrt54gl_firmware wrt54gl
    • Published: Jan. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4005

    Cross-site request forgery (CSRF) vulnerability in the Services Ready Platform Configuration Utility web interface on the Cisco Small Business SRP521W, SRP526W, and SRP527W with firmware before 1.1.24 and the Small Business SRP541W, SRP546W, and SRP547W w... Read more

    • Published: Nov. 03, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4030

    The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerabili... Read more

    Affected Products : plone cmfeditions
    • Published: Oct. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-10570

    pngcrush-installer is an installer for Pngcrush. pngcrush-installer versions below 1.8.10 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requeste... Read more

    Affected Products : pngcrush-installer
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10589

    selenium-binaries downloads Selenium related binaries for your OS. selenium-binaries downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested bi... Read more

    Affected Products : selenium-binaries
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10583

    closure-utils is Utilities for Closure Library based projects. closure-utils downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary wit... Read more

    Affected Products : closure-util closure-util
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-3798

    The MediaTek hardware sensor driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28174490 and MediaTek internal bug ALPS02703105.... Read more

    Affected Products : android
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3805

    The MediaTek power management driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28333002 and MediaTek internal bug ALPS02694412.... Read more

    Affected Products : android
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3937

    The MediaTek video driver in Android before 2016-10-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 30030994 and MediaTek internal bug ALPS02834874.... Read more

    Affected Products : android
    • Published: Oct. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3986

    Avast allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via a crafted PE file, related to authenticode parsing.... Read more

    Affected Products : avast
    • Published: Apr. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-9802

    Multiple integer overflows in lib/libfdt/fdt.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28821965 and Qualcomm internal bu... Read more

    Affected Products : android
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-9866

    drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows attackers to gain privileges via a crafted application,... Read more

    Affected Products : android
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 292870 Results