Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-2202

    Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted H.264 movie file.... Read more

    Affected Products : quicktime
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2140

    Multiple heap-based buffer overflows in cppcanvas/source/mtfrenderer/emfplus.cxx in Go-oo 2.x and 3.x before 3.0.1, previously named ooo-build and related to OpenOffice.org (OOo), allow remote attackers to execute arbitrary code via a crafted EMF+ file, a... Read more

    Affected Products : go-oo
    • Published: Sep. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1791

    Heap-based buffer overflow in aiff_read_header in libsndfile 1.0.15 through 1.0.19, as used in Winamp 5.552 and possibly other media programs, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via... Read more

    Affected Products : winamp libsndfile
    • Published: May. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1169

    The txMozillaXSLTProcessor::TransformToDoc function in Mozilla Firefox before 3.0.8 and SeaMonkey before 1.1.16 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an XML file with a crafted XSLT transform.... Read more

    Affected Products : firefox
    • Published: Mar. 27, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0733

    Multiple stack-based buffer overflows in the ReadSetOfCurves function in LittleCMS (aka lcms or liblcms) before 1.18beta2, as used in Firefox 3.1beta, OpenJDK, and GIMP, allow context-dependent attackers to execute arbitrary code via a crafted image file ... Read more

    Affected Products : firefox gimp little_cms openjdk
    • Published: Mar. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2203

    Buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted MPEG-4 video file.... Read more

    Affected Products : quicktime
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0087

    Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute ... Read more

    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0010

    Integer underflow in QuickDraw Manager in Apple Mac OS X 10.4.11 and 10.5 before 10.5.7, and Apple QuickTime before 7.6.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a crafted 0... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: May. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5021

    nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying propert... Read more

    • Published: Nov. 13, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4812

    Array index error in Adobe Reader and Acrobat, and the Explorer extension (aka AcroRd32Info), 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing o... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Nov. 05, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4063

    Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the layout engine and (1) a ze... Read more

    Affected Products : firefox ubuntu_linux
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4030

    Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to exe... Read more

    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3827

    Multiple integer underflows in the Real demuxer (demux_real.c) in MPlayer 1.0_rc2 and earlier allow remote attackers to cause a denial of service (process termination) and possibly execute arbitrary code via a crafted video file that causes the stream_rea... Read more

    Affected Products : mplayer
    • Published: Sep. 29, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3627

    Apple QuickTime before 7.5.5 does not properly handle (1) MDAT atoms in MP4 video files within QuickTimeH264.qtx, (2) MDAT atoms in mov video files within QuickTimeH264.scalar, and (3) AVC1 atoms in an unknown media type within an unspecified component, w... Read more

    Affected Products : quicktime
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2880

    Heap-based buffer overflow in the IBM AFP Viewer Plug-in 2.0.7.1 and 3.2.1.1 allows remote attackers to execute arbitrary code via a long SRC property value. NOTE: the provenance of this information is unknown; the details are obtained solely from third ... Read more

    Affected Products : afp_viewer_plug-in
    • Published: Jun. 26, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2332

    ImageIO in Apple Mac OS X 10.4.11 and 10.5 through 10.5.4 allows context-dependent attackers to cause a denial of service (memory corruption and application crash) or execute arbitrary code via a crafted TIFF image.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Sep. 16, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2238

    Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.... Read more

    Affected Products : openoffice.org
    • Published: Oct. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-2042

    The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a ma... Read more

    Affected Products : acrobat acrobat_reader
    • Published: May. 08, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1309

    The RealAudioObjects.RealAudio ActiveX control in rmoc3260.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, RealPlayer 10.5 before build 6.0.12.1675, and RealPlayer 11 before 11.0.3 build 6.0.14.806 does not properly manage memory for the (1) Con... Read more

    Affected Products : realplayer
    • Published: Mar. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0307

    Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.... Read more

    Affected Products : maxdb
    • Published: Mar. 11, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 293284 Results