Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2007-4702

    The Application Firewall in Apple Mac OS X 10.5, when "Block all incoming connections" is enabled, does not prevent root processes or mDNSResponder from accepting connections, which might allow remote attackers or local root processes to bypass intended a... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 15, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-4619

    Multiple integer overflows in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1, as used in Winamp before 5.5 and other products, allow user-assisted remote attackers to execute arbitrary code via a malformed FLAC file that triggers improper memory al... Read more

    Affected Products : winamp libflac
    • Published: Oct. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-4474

    Multiple stack-based buffer overflows in the IBM Lotus Domino Web Access ActiveX control, as provided by inotes6.dll, inotes6w.dll, dwa7.dll, and dwa7w.dll, in Domino 6.x and 7.x allow remote attackers to execute arbitrary code, as demonstrated by an over... Read more

    • Published: Dec. 27, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3752

    Heap-based buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via crafted album cover art in the covr atom of an MP4/AAC file.... Read more

    Affected Products : itunes
    • Published: Sep. 06, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3735

    Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.... Read more

    Affected Products : firefox thunderbird
    • Published: Jul. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3410

    Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows re... Read more

    • Published: Jun. 26, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2948

    Multiple stack-based buffer overflows in stream/stream_cddb.c in MPlayer before 1.0rc1try3 allow remote attackers to execute arbitrary code via a CDDB entry with a long (1) album title or (2) category.... Read more

    Affected Products : mplayer
    • Published: Jun. 07, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2923

    The launch method in the LocalExec ActiveX control (LocalExec.ocx) in Novell exteNd Director 4.1 and Portal Services allows remote attackers to execute arbitrary commands.... Read more

    Affected Products : extend_director
    • Published: Jun. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2586

    The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involv... Read more

    Affected Products : ios
    • Published: May. 10, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2498

    libmp4v2.dll in Winamp 5.02 through 5.34 allows user-assisted remote attackers to execute arbitrary code via a certain .MP4 file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : winamp
    • Published: May. 04, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-4391

    Heap-based buffer overflow in Kakadu kdu_v32m.dll in Yahoo! Messenger 8.1.0.413 allows remote attackers to cause a denial of service (application crash) via a certain length field in JPEG2000 data, as demonstrated by sending an "invite to view my webcam" ... Read more

    Affected Products : messenger
    • Published: Aug. 17, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2079

    The ADONewConnection Connect function in adodb.php in XAMPP 1.6.0a and earlier for Windows uses untrusted input for the database server hostname, which allows remote attackers to trigger a library buffer overflow and execute arbitrary code via a long host... Read more

    Affected Products : apache_distribution
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1942

    Integer overflow in FastStone Image Viewer 2.9 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted BMP image, as demonstrated by wh3intof.bmp and wh4intof.bmp.... Read more

    Affected Products : image_viewer
    • Published: Apr. 11, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1921

    LIBSNDFILE.DLL, as used by AOL Nullsoft Winamp 5.33 and possibly other products, allows remote attackers to execute arbitrary code via a crafted .MAT file that contains a value that is used as an offset, which triggers memory corruption.... Read more

    Affected Products : winamp
    • Published: Apr. 10, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1892

    Stack-based buffer overflow in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) before 2.2.1.0 allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2007-1891.... Read more

    Affected Products : download_manager
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-4292

    Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7)... Read more

    Affected Products : ios
    • Published: Aug. 09, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1282

    Integer overflow in Mozilla Thunderbird before 1.5.0.10 and SeaMonkey before 1.0.8 allows remote attackers to trigger a buffer overflow and possibly execute arbitrary code via a text/enhanced or text/richtext e-mail message with an extremely long line.... Read more

    • Published: Mar. 06, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1205

    Unspecified vulnerability in Microsoft Agent (msagent\agentsvr.exe) in Windows 2000 SP4, XP SP2, and Server 2003, 2003 SP1, and 2003 SP2 allows remote attackers to execute arbitrary code via crafted URLs, which result in memory corruption.... Read more

    • Published: Apr. 10, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0948

    Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initia... Read more

    Affected Products : virtual_pc virtual_server
    • Published: Aug. 14, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0099

    Race condition in the msxml3 module in Microsoft XML Core Services 3.0, as used in Internet Explorer 6 and other applications, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via many nested tags in an XM... Read more

    Affected Products : internet_explorer xml_core_services
    • Published: Jan. 08, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 293508 Results