Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2025-53391

    The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.2.0-1 package has insecure PolicyKit allow_any/allow_inactive/allow_active settings that allow a local user to escalate their privileges to root.... Read more

    Affected Products :
    • Published: Jun. 28, 2025
    • Modified: Jun. 30, 2025
    • Vuln Type: Authorization

  • 9.3

    HIGH
    CVE-2018-8423

    A remote code execution vulnerability exists in the Microsoft JET Database Engine, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server... Read more

    • EPSS Score: %57.23
    • Published: Oct. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-0184

    Use-after-free vulnerability in GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary ... Read more

    • EPSS Score: %22.32
    • Published: May. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-3466

    The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via ... Read more

    Affected Products : secure_access_control_server
    • EPSS Score: %0.72
    • Published: Aug. 29, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1707

    Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.... Read more

    Affected Products : iprint
    • EPSS Score: %20.33
    • Published: Jun. 09, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0027

    Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a larg... Read more

    • EPSS Score: %71.91
    • Published: Jan. 12, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4385

    Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified im... Read more

    Affected Products : linux_kernel realplayer realplayer_sp
    • EPSS Score: %0.99
    • Published: Dec. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-4306

    Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence.... Read more

    Affected Products : linux
    • EPSS Score: %6.09
    • Published: Nov. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0434

    Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command.... Read more

    • EPSS Score: %19.64
    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0946

    Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of... Read more

    • EPSS Score: %59.13
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0035

    Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word... Read more

    Affected Products : office works
    • EPSS Score: %58.63
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-0200

    Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.... Read more

    Affected Products : php
    • EPSS Score: %11.29
    • Published: Jan. 13, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2007-0940

    Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka th... Read more

    Affected Products : biztalk_server capicom
    • EPSS Score: %74.94
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2514

    Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long... Read more

    Affected Products : discovery asset_manager discovery
    • EPSS Score: %11.62
    • Published: Jun. 06, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-4995

    Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : openssl
    • EPSS Score: %9.57
    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3878

    Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the Htt... Read more

    Affected Products : ultra_office_control
    • EPSS Score: %71.93
    • Published: Sep. 02, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4128

    Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the ... Read more

    Affected Products : ios 871_integrated_services_router
    • EPSS Score: %1.52
    • Published: Sep. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4342

    NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control (NMSDVDX.dll) 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, Blaze Media Pro 8.02 Special Edition, and possibly other products, allows remote attackers to... Read more

    • EPSS Score: %26.71
    • Published: Sep. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4564

    Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remo... Read more

    • EPSS Score: %54.25
    • Published: Mar. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0202

    Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft PowerPoint 2000 and 2002 allows remote attackers to execute arbitrary code via a Freelance file with unspecified "layout information" that triggers a heap-bas... Read more

    Affected Products : office_powerpoint
    • EPSS Score: %47.53
    • Published: Jun. 11, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 292428 Results