Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-1805

    An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary co... Read more

    Affected Products : macos mac_os_x
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-1779

    A logic error in kext loading was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. An application may be able to execute arbitrary code with system privi... Read more

    Affected Products : macos mac_os_x
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-2724

    Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."... Read more

    Affected Products : java_se
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2210

    Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that trig... Read more

    Affected Products : thunderbird seamonkey
    • Published: Jun. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1763

    A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to u... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-1882

    Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer o... Read more

    Affected Products : imagemagick
    • Published: Jun. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1758

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be ab... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-1569

    Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.... Read more

    Affected Products : iprint
    • Published: Dec. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1441

    Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related ... Read more

    Affected Products : chrome
    • Published: May. 07, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1376

    Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote at... Read more

    Affected Products : pidgin
    • Published: May. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2016-6932

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • Published: Sep. 14, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-1098

    Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a ... Read more

    Affected Products : jre sdk jdk
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1759

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image ... Read more

    Affected Products : macos mac_os_x iphone_os tvos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-1744

    An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously ... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0387

    Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitra... Read more

    Affected Products : good_plug-ins plug-ins
    • Published: Feb. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1745

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0091

    Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted A... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5245

    xine-lib before 1.1.15 performs V4L video frame preallocation before ascertaining the required length, which has unknown impact and attack vectors, possibly related to a buffer overflow in the open_video_capture_device function in src/input/input_v4l.c.... Read more

    Affected Products : xine-lib
    • Published: Nov. 26, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5178

    Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680.... Read more

    Affected Products : opera opera_browser windows
    • Published: Nov. 20, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2016-6783

    An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. ... Read more

    Affected Products : android
    • Published: Jan. 12, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293521 Results