Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2016-7205

    Animation Manager in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafte... Read more

    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7229

    Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document... Read more

    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2012-3054

    Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a... Read more

    Affected Products : webex_recording_format_player
    • Published: Jun. 29, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3053

    Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a c... Read more

    • Published: Jun. 29, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-7193

    Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on Sha... Read more

    • Actively Exploited
    • Published: Oct. 14, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-7232

    Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."... Read more

    • Published: Nov. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2012-2035

    Stack-based buffer overflow in Adobe Flash Player before 10.3.183.20 and 11.x before 11.3.300.257 on Windows and Mac OS X; before 10.3.183.20 and 11.x before 11.2.202.236 on Linux; before 11.1.111.10 on Android 2.x and 3.x; and before 11.1.115.9 on Androi... Read more

    • Published: Jun. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0928

    The ATRAC codec in RealNetworks RealPlayer 11.x and 14.x through 14.0.7, RealPlayer SP 1.0 through 1.1.5, and Mac RealPlayer 12.x before 12.0.0.1703 does not properly decode samples, which allows remote attackers to execute arbitrary code via a crafted AT... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Feb. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0609

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0162

    Microsoft .NET Framework 4 does not properly allocate buffers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application, aka ".NET Framework Buffer Allocation... Read more

    Affected Products : .net_framework
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0158

    The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, ... Read more

    • Actively Exploited
    • Published: Apr. 10, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0621

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0020

    Microsoft Visio Viewer 2010 Gold and SP1 does not properly handle memory during the parsing of files, which allows remote attackers to execute arbitrary code via crafted attributes in a Visio file, aka "VSD File Format Memory Corruption Vulnerability," a ... Read more

    Affected Products : visio_viewer
    • Published: Feb. 14, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4262

    Unspecified vulnerability in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted MP4 file.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4260

    RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed header in an MP4 file.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3868

    Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.... Read more

    Affected Products : player workstation fusion ams
    • Published: Oct. 07, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3412

    Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability."... Read more

    Affected Products : publisher
    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2124

    Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2127, and CVE-2011-2128.... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1266

    The Vector Markup Language (VML) implementation in vgx.dll in Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly init... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0622

    Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability... Read more

    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 293507 Results