Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2008-7022

    Insecure method vulnerability in ChilkatMail_v7_9.dll in the Chilkat Software IMAP ActiveX control (ChilkatMail2.ChilkatMailMan2.1) allows remote attackers to execute arbitrary programs via the LoadXmlEmail method.... Read more

    Affected Products : chilkat_imap_activex_control
    • Published: Aug. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-0164

    Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContainer.cpp in libpr0n in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (heap memory corruption and application crash) or... Read more

    Affected Products : firefox
    • Published: Mar. 25, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-8636

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft ... Read more

    Affected Products : office office_365_proplus excel
    • Published: Dec. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-8932

    The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4.... Read more

    • Published: Mar. 22, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0528

    Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted color tables in a movie file, related to malformed MediaVideo data, a sample descr... Read more

    • Published: Mar. 31, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0749

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allow remote attackers to cause a denial of... Read more

    • Published: Jan. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-0807

    Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote ... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-2997

    Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3429

    Stack-based buffer overflow in Pirate Radio Destiny Media Player 1.61 allows remote attackers to execute arbitrary code via a long string in a .pls playlist file.... Read more

    Affected Products : destiny_media_player
    • Published: Sep. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2016-3357

    Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word for Mac 2011, Word 2016 for Mac, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services ... Read more

    • Published: Sep. 14, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-8318

    Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00 before GRA-CL00C92B230, GRA-CL10 before GRA-CL10C92B230, GRA-UL00 before GRA-UL00C00B230, and GRA-UL10 before GRA-UL10C00B230, a... Read more

    Affected Products : mate_s_firmware p8_firmware p8 mate_s
    • Published: Apr. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2008-2426

    Multiple stack-based buffer overflows in Imlib 2 (aka imlib2) 1.4.0 allow user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via (1) a PNM image with a crafted header, related to the load function in src... Read more

    Affected Products : imlib2
    • Published: Jun. 02, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2004-2692

    The exec_dir PHP patch (php-exec-dir) 4.3.2 through 4.3.7 with safe mode disabled allows remote attackers to bypass restrictions and execute arbitrary commands via a backtick operator, which is not handled using the php_escape_shell_cmd function.... Read more

    Affected Products : php-exec-dir
    • Published: Dec. 31, 2004
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2011-0250

    Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STSS atoms in a QuickTime movie file.... Read more

    • Published: Aug. 04, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-0651

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653.... Read more

    Affected Products : office office_365_proplus excel
    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-54032

    Adobe Connect versions 12.6, 11.4.7 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim... Read more

    Affected Products : connect
    • Published: Dec. 10, 2024
    • Modified: Jan. 15, 2025

  • 9.3

    HIGH
    CVE-2020-9554

    Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: May. 05, 2025

  • 9.3

    HIGH
    CVE-2019-19494

    Broadcom based cable modems across multiple vendors are vulnerable to a buffer overflow, which allows a remote attacker to execute arbitrary code at the kernel level via JavaScript run in a victim's browser. Examples of affected products include Sagemcom ... Read more

    • Published: Jan. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-32252

    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin user might be tricked to install a malicious package, gran... Read more

    Affected Products : sinema_remote_connect_server
    • Published: Jun. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2022-31582

    The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.... Read more

    Affected Products : videoserver
    • Published: Jul. 11, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292871 Results