Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-1792

    The system.openURL function in StoneTrip Ston3D StandalonePlayer (aka S3DPlayer StandAlone) 1.6.2.4 and 1.7.0.1 and WebPlayer (aka S3DPlayer Web) 1.6.0.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the first argument ... Read more

    • EPSS Score: %1.61
    • Published: May. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2016-2411

    A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2422

    Wi-Fi in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not prevent use of a Wi-Fi CA certificate in an unrelated CA role, which allows attackers to gain privileges via a crafted application, as demonstrat... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Apr. 18, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2450

    codecs/on2/enc/SoftVPXEncoder.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted a... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: May. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6596

    mediaserver in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, aka internal bugs 20731946 and 20719651, a different vulnerability than CVE-2015-7717.... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2494

    Off-by-one error in sdcard/sdcard.c in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem a... Read more

    Affected Products : android
    • EPSS Score: %1.07
    • Published: Jun. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-2508

    media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 does not validate certain track data, which allows remote attackers to execute arbitrary c... Read more

    Affected Products : android
    • EPSS Score: %0.33
    • Published: Jul. 11, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-2583

    Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (Aventail.EPInstaller) before 10.5.2 and 10.0.5 hotfix 3 allows remote attackers to execute arbitrary code via long (1) CabURL and (2) Location arguments to ... Read more

    • EPSS Score: %7.76
    • Published: Nov. 03, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-15573

    An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. Attackers can use the web interface to read and write data to any file on disk (as long as rlm.exe has access to it) via /goform/edit_lf_process with file content in the lfdata para... Read more

    Affected Products : reprise_license_manager
    • EPSS Score: %0.26
    • Published: Aug. 20, 2018
    • Modified: Apr. 30, 2025

  • 9.3

    HIGH
    CVE-2010-3129

    Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse plugin_dll.dll, userenv.dll, shfolder.dll, dnsapi.dll, dwma... Read more

    Affected Products : utorrent utorrent
    • EPSS Score: %1.82
    • Published: Aug. 26, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-15295

    An Untrusted Search Path vulnerability in the ServiceInstance.dll library versions 1.0.15.119 and lower, as used in Bitdefender Antivirus Free 2020 versions prior to 1.0.15.138, allows an attacker to load an arbitrary DLL file from the search path.... Read more

    Affected Products : antivirus_2020
    • EPSS Score: %0.16
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-3329

    Stack-based buffer overflow in Winplot 1.25.0.1 allows user-assisted remote attackers to execute arbitrary code via a crafted Plot2D (.wp2) file.... Read more

    Affected Products : winplot
    • EPSS Score: %5.85
    • Published: Sep. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3574

    Tuniac 090517c allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long File1 argument in a .pls playlist file, possibly a buffer overflow.... Read more

    Affected Products : tuniac
    • EPSS Score: %2.32
    • Published: Oct. 06, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3693

    Directory traversal vulnerability in the Persits.XUpload.2 ActiveX control (XUpload.ocx) in HP LoadRunner 9.5 allows remote attackers to create arbitrary files via \.. (backwards slash dot dot) sequences in the third argument to the MakeHttpRequest method... Read more

    Affected Products : loadrunner xupload
    • EPSS Score: %71.51
    • Published: Oct. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4001

    Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow.... Read more

    Affected Products : xnview
    • EPSS Score: %12.14
    • Published: Mar. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2693

    Stack-based buffer overflow in the BITIFF.BITiffCtrl.1 ActiveX control in BITiff.ocx 10.9.3.0 in Black Ice Barcode SDK 5.01 allows remote attackers to execute arbitrary code via a long first argument to the SetByteOrder method.... Read more

    Affected Products : barcode_sdk
    • EPSS Score: %12.16
    • Published: Jun. 13, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2705

    Unspecified vulnerability in Sun Java System Access Manager (AM) 7.1, when used with certain versions and configurations of Sun Directory Server Enterprise Edition (DSEE), allows remote attackers to bypass authentication via unspecified vectors.... Read more

    Affected Products : java_system_access_manager
    • EPSS Score: %0.35
    • Published: Jun. 16, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-15389

    The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer (versionCode=7, versionName=7.1.13). This app conta... Read more

    Affected Products : haier_a6_firmware haier_a6
    • EPSS Score: %0.38
    • Published: Nov. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-4117

    Multiple stack-based buffer overflows in pdf_shade4.c in MuPDF before commit 20091125231942, as used in SumatraPDF before 1.0.1, allow remote attackers to cause a denial of service and possibly execute arbitrary code via a /Decode array for certain types ... Read more

    Affected Products : sumatrapdf
    • EPSS Score: %24.33
    • Published: Dec. 01, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-24707

    Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.... Read more

    Affected Products : gophish
    • EPSS Score: %0.17
    • Published: Oct. 28, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 291756 Results