Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2016-10607

    openframe-glsviewer is a Openframe extension which adds support for shaders via glslViewer. openframe-glsviewer downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by sw... Read more

    Affected Products : openframe-glslviewer
    • EPSS Score: %0.77
    • Published: Jun. 01, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10611

    strider-sauce is Sauce Labs / Selenium support for Strider. strider-sauce downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested zip file with... Read more

    Affected Products : strider-sauce
    • EPSS Score: %0.77
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-3734

    Format string vulnerability in Ipswitch WS_FTP Home 2007.0.0.2 and WS_FTP Professional 2007.1.0.0 allows remote FTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via format string specifiers in a connection gr... Read more

    Affected Products : ws_ftp_home ws_ftp_pro
    • EPSS Score: %67.69
    • Published: Aug. 20, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2485

    Stack-based buffer overflow in HT-MP3Player 1.0 allows remote attackers to execute arbitrary code via a long string in a .ht3 file.... Read more

    Affected Products : ht-mp3player
    • EPSS Score: %80.02
    • Published: Jul. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4343

    The Chilkat XML ChilkatUtil.CkData.1 ActiveX control (ChilkatUtil.dll) 3.0.3.0 and earlier allows remote attackers to create, overwrite, and modify arbitrary files for execution via a call to the (1) SaveToFile, (2) SaveToTempFile, or (3) AppendBinary met... Read more

    Affected Products : chilkat_xml_activex_control
    • EPSS Score: %4.85
    • Published: Sep. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-5682

    Intel PSET Application Install wrapper of Intel Parallel Studio XE, Intel System Studio, Intel VTune Amplifier, Intel Inspector, Intel Advisor, Intel MPI Library, Intel Trace Analyzer and Collector, Intel Integrated Performance Primitives, Cryptography fo... Read more

    • EPSS Score: %0.11
    • Published: Feb. 28, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-3170

    Stack-based buffer overflow in AIMP2 Audio Converter 2.53 (build 330) and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a (1) .pls or (2) .m3u playlist file.... Read more

    Affected Products : aimp2_audio_converter
    • EPSS Score: %9.93
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-5691

    Incorrect check in Intel processors from 6th and 7th Generation Intel Core Processor Families, Intel Xeon E3-1500M v5 and v6 Product Families, and Intel Xeon E3-1200 v5 and v6 Product Families allows compromised system firmware to impact SGX security via ... Read more

    • EPSS Score: %0.41
    • Published: Jul. 26, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-3214

    Multiple stack-based buffer overflows in Photodex ProShow Gold 4.0.2549 allow remote attackers to execute arbitrary code via a crafted Slideshow project (.psh) file, related to the (1) cell[n].images[m].image and (2) cell[n].sound.file fields.... Read more

    Affected Products : proshow_gold
    • EPSS Score: %64.78
    • Published: Sep. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-17227

    GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due... Read more

    Affected Products : mate_10_firmware mate_10
    • EPSS Score: %0.11
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-8941

    drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices does not properly validate array indexes, which allows attackers to gain privileges via a crafted applicati... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-3717

    Heap-based buffer overflow in LucVil PatPlayer 3.9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long URI in a playlist (.m3u) file.... Read more

    Affected Products : patplayer
    • EPSS Score: %4.57
    • Published: Oct. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5536

    Panda Antivirus 9.0.0.4, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) ... Read more

    Affected Products : internet_explorer panda_antivirus
    • EPSS Score: %0.28
    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5538

    Prevx Prevx1 2, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt ex... Read more

    Affected Products : internet_explorer prevx1
    • EPSS Score: %0.29
    • Published: Dec. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3808

    MixSense DJ Studio 1.0.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an .mp3 playlist file.... Read more

    Affected Products : mixsense_dj_studio
    • EPSS Score: %3.42
    • Published: Oct. 27, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-4357

    A memory corruption issue was addressed with improved input validation. This issue affected versions prior to Xcode 10.... Read more

    Affected Products : xcode
    • EPSS Score: %0.17
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2149

    Untrusted search path vulnerability in installers of the software for SDHC/SDXC Memory Card with embedded NFC functionality Software Update Tool V1.00.03 and earlier, SDHC Memory Card with embedded wireless LAN functionality FlashAir Configuration Softwar... Read more

    Affected Products : flashair
    • EPSS Score: %7.54
    • Published: Apr. 28, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2210

    Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. 1.0.1 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : patchjgd
    • EPSS Score: %0.17
    • Published: Jun. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-2249

    Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : lhaz\+
    • EPSS Score: %0.14
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2018-5840

    Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Jun. 06, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 292508 Results