Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2007-4939

    Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (app... Read more

    • EPSS Score: %23.20
    • Published: Sep. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6060

    AhnLab Antivirus 3 Internet Security 2008 Platinum appends data to a filename string at a location indicated by the "Filename length" field in a ZIP header, which allows remote attackers to cause a denial of service (machine crash) and possibly execute ar... Read more

    Affected Products : v3_internet_security
    • EPSS Score: %10.26
    • Published: Nov. 20, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4664

    Heap-based buffer overflow in QvodInsert.QvodCtrl.1 ActiveX control (QvodInsert.dll) in QVOD Player before 2.1.5 build 0053 allows remote attackers to execute arbitrary code via a long URL property. NOTE: some of these details are obtained from third par... Read more

    Affected Products : qvod_player
    • EPSS Score: %15.04
    • Published: Oct. 22, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6089

    PHP remote file inclusion vulnerability in index.php in meBiblio 0.4.5 allows remote attackers to execute arbitrary PHP code via a URL in the action parameter.... Read more

    Affected Products : mebiblio
    • EPSS Score: %2.31
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6706

    Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP.... Read more

    Affected Products : lotus_notes notes
    • EPSS Score: %3.91
    • Published: Mar. 09, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4037

    Buffer overflow in Sielco Sistemi Winlog PRO before 2.07.09 and Winlog Lite before 2.07.09 allows user-assisted remote attackers to execute arbitrary code via invalid data in unspecified fields of a project file.... Read more

    Affected Products : winlog_lite winlog_pro
    • EPSS Score: %9.78
    • Published: Dec. 22, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-5088

    The GENESIS32 IcoSetServer ActiveX control in ICONICS GENESIS32 9.21 and BizViz 9.21 configures the trusted zone on the basis of user input, which allows remote attackers to execute arbitrary code via a crafted web site, related to a "Workbench32/WebHMI c... Read more

    Affected Products : genesis32 bizviz
    • EPSS Score: %1.72
    • Published: Apr. 18, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-10573

    baryton-saxophone is a module to install and launch Selenium Server for Mac, Linux and Windows. baryton-saxophone versions below 3.0.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code... Read more

    Affected Products : baryton-saxophone
    • EPSS Score: %0.77
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10599

    sauce-connect is a Node.js wrapper over the SauceLabs SauceConnect.jar program for establishing a secure tunnel for intranet testing. sauce-connect downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cau... Read more

    Affected Products : node-sauce-connect
    • EPSS Score: %0.77
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10635

    broccoli-closure is a Closure compiler plugin for Broccoli. broccoli-closure before 1.3.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the request... Read more

    Affected Products : broccoli-closure
    • EPSS Score: %0.77
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10682

    massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker i... Read more

    Affected Products : massif
    • EPSS Score: %0.77
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-2451

    codecs/on2/dec/SoftVPX.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate VPX output buffer sizes, which allows attackers to gain privileges via a crafted a... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2501

    The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Qualcomm internal bug CR1001092.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3774

    The MediaTek drivers in Android before 2016-07-05 on Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29008609 and MediaTek internal bug ALPS02703102.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-3870

    omx/SimpleSoftOMXComponent.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before 2016-09-01 does not prevent input-port changes, which allows attackers to gain privi... Read more

    Affected Products : android
    • EPSS Score: %0.14
    • Published: Sep. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-6784

    An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. ... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-6789

    An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain l... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.16
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-8424

    An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device comp... Read more

    Affected Products : linux_kernel
    • EPSS Score: %0.26
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0331

    An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device co... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.06
    • Published: May. 02, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0455

    An information disclosure vulnerability in the Qualcomm bootloader could help to enable a local malicious application to to execute arbitrary code within the context of the bootloader. This issue is rated as High because it is a general bypass for a bootl... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %0.24
    • Published: Mar. 08, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 292495 Results