Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-3131

    Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5, and Silverlight 5 before 5.1.20513.0, does not properly prevent changes to data in multidimensional arrays of structures, which allows remote attackers to execute arbitrary code via (1) a crafted .... Read more

    Affected Products : .net_framework silverlight
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3120

    Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3118... Read more

    Affected Products : internet_explorer
    • Published: Jun. 12, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3110

    Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013... Read more

    Affected Products : internet_explorer
    • Published: Jun. 12, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3011

    Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability,... Read more

    Affected Products : java
    • Published: Jul. 23, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1722

    Use-after-free vulnerability in the nsAnimationManager::BuildAnimations function in the Animation Manager in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.2... Read more

    • Published: Sep. 18, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1313

    Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."... Read more

    Affected Products : windows_xp
    • Published: Feb. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1288

    Use-after-free vulnerability in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer CTreeNode Use After Free Vulnerability."... Read more

    • Published: Mar. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0758

    Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allow remote attackers to execute arbitrary JavaScript co... Read more

    • Published: Jan. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0634

    Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers ... Read more

    • Published: Feb. 08, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-5840

    Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers ... Read more

    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-5161

    The XML Service interface in Citrix XenApp 6.5 and 6.5 Feature Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : xenapp
    • Published: Dec. 26, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4953

    The decomposer engine in Symantec Endpoint Protection (SEP) 11.0, Symantec Endpoint Protection Small Business Edition 12.0, Symantec AntiVirus Corporate Edition (SAVCE) 10.x, and Symantec Scan Engine (SSE) before 5.2.8 does not properly perform bounds che... Read more

    • Published: Nov. 14, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4214

    Use-after-free vulnerability in the nsTextEditorState::PrepareEditor function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers ... Read more

    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4213

    Use-after-free vulnerability in the nsEditor::FindNextLeafNode function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corrupti... Read more

    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3969

    Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arb... Read more

    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3636

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4787

    Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "Improper Ref Coun... Read more

    • Published: Dec. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3610

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0862

    Multiple integer overflows in the process_frame_obj function in libavcodec/sanm.c in FFmpeg before 1.1.2 allow remote attackers to have an unspecified impact via crafted image dimensions in LucasArts Smush video data, which triggers an out-of-bounds array... Read more

    Affected Products : ffmpeg
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1129

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via a crafted SFNT strin... Read more

    Affected Products : freetype firefox_mobile
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293508 Results