Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-1707

    Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.... Read more

    Affected Products : iprint
    • Published: Jun. 09, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0027

    Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a larg... Read more

    • Published: Jan. 12, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4385

    Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to have an unspecified im... Read more

    Affected Products : linux_kernel realplayer realplayer_sp
    • Published: Dec. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-4306

    Buffer overflow in enscript before 1.6.4 has unknown impact and attack vectors, possibly related to the font escape sequence.... Read more

    Affected Products : linux
    • Published: Nov. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0434

    Format string vulnerability in the AXIMilter module in AXIGEN Mail Server 5.0.2 allows remote attackers to execute arbitrary code via format string specifiers in the CNHO command.... Read more

    • Published: Jan. 23, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0946

    Unspecified vulnerability in Microsoft Internet Explorer 7 on Windows XP SP2, Windows Server 2003 SP1 or SP2, or Windows Vista allows remote attackers to execute arbitrary code via crafted HTML objects, which results in memory corruption, aka the first of... Read more

    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0035

    Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word... Read more

    Affected Products : office works
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-0200

    Format string vulnerability in the error-reporting feature in the mysqli extension in PHP 5.1.0 and 5.1.1 might allow remote attackers to execute arbitrary code via format string specifiers in MySQL error messages.... Read more

    Affected Products : php
    • Published: Jan. 13, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2007-0940

    Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka th... Read more

    Affected Products : biztalk_server capicom
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2514

    Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long... Read more

    Affected Products : discovery asset_manager discovery
    • Published: Jun. 06, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-4995

    Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : openssl
    • Published: Oct. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3878

    Stack-based buffer overflow in the Ultra.OfficeControl ActiveX control in OfficeCtrl.ocx 2.0.2008.801 in Ultra Shareware Ultra Office Control allows remote attackers to execute arbitrary code via long strUrl, strFile, and strPostData parameters to the Htt... Read more

    Affected Products : ultra_office_control
    • Published: Sep. 02, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4128

    Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the ... Read more

    Affected Products : ios 871_integrated_services_router
    • Published: Sep. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4342

    NuMedia Soft NMS DVD Burning SDK Activex NMSDVDX.DVDEngineX.1 ActiveX control (NMSDVDX.dll) 1.013C and earlier, as used in CDBurnerXP 4.2.1.976, BurnAware 2.1.3, Blaze Media Pro 8.02 Special Edition, and possibly other products, allows remote attackers to... Read more

    • Published: Sep. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4564

    Stack-based buffer overflow in wp6sr.dll in the Autonomy KeyView SDK 10.4 and earlier, as used in IBM Lotus Notes, Symantec Mail Security (SMS) products, Symantec BrightMail Appliance products, and Symantec Data Loss Prevention (DLP) products, allows remo... Read more

    • Published: Mar. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0202

    Array index error in FL21WIN.DLL in the PowerPoint Freelance Windows 2.1 Translator in Microsoft PowerPoint 2000 and 2002 allows remote attackers to execute arbitrary code via a Freelance file with unspecified "layout information" that triggers a heap-bas... Read more

    Affected Products : office_powerpoint
    • Published: Jun. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3518

    Argument injection vulnerability in the iim: URI handler in IBMIM.exe in IBM Installation Manager 1.3.2 and earlier, as used in IBM Rational Robot and Rational Team Concert, allows remote attackers to load arbitrary DLL files via the -vm option, as demons... Read more

    Affected Products : installation_manager
    • Published: Oct. 01, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3577

    Autodesk 3D Studio Max (3DSMax) 6 through 9 and 2008 through 2010 allows remote attackers to execute arbitrary code via a .max file with a MAXScript statement that calls the DOSCommand method, related to "application callbacks."... Read more

    Affected Products : 3ds_max
    • Published: Nov. 24, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4656

    Stack-based buffer overflow in E-Soft DJ Studio Pro 4.2 including 4.2.2.7.5, and 5.x including 5.1.4.3.1, allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a playlist file (.pls)... Read more

    Affected Products : dj_studio_pro
    • Published: Mar. 03, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3152

    Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier, and possibly other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwma... Read more

    Affected Products : illustrator
    • Published: Aug. 27, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 293280 Results