Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-3608

    Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted P... Read more

    Affected Products : xpdfreader gpdf kpdf poppler tetex pdftops xpdf
    • Published: Oct. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3459

    Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 200... Read more

    Affected Products : acrobat acrobat_reader reader
    • Published: Oct. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3134

    Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerP... Read more

    • Published: Nov. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1805

    An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, macOS Mojave 10.14.6 Security Update 2021-002. An application may be able to execute arbitrary co... Read more

    Affected Products : macos mac_os_x
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-1779

    A logic error in kext loading was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. An application may be able to execute arbitrary code with system privi... Read more

    Affected Products : macos mac_os_x
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-2724

    Race condition in the java.lang package in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, related to a "3Y Race condition in reflection checks."... Read more

    Affected Products : java_se
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2210

    Mozilla Thunderbird before 2.0.0.22 and SeaMonkey before 1.1.17 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a multipart/alternative e-mail message containing a text/enhanced part that trig... Read more

    Affected Products : thunderbird seamonkey
    • Published: Jun. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1763

    A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead to u... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-1882

    Integer overflow in the XMakeImage function in magick/xwindow.c in ImageMagick 6.5.2-8, and GraphicsMagick, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF file, which triggers a buffer o... Read more

    Affected Products : imagemagick
    • Published: Jun. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1758

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A remote attacker may be ab... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-1569

    Multiple stack-based buffer overflows in Novell iPrint Client 4.38, 5.30, and possibly other versions before 5.32 allow remote attackers to execute arbitrary code via vectors related to (1) Date and (2) Time.... Read more

    Affected Products : iprint
    • Published: Dec. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1441

    Heap-based buffer overflow in the ParamTraits<SkBitmap>::Read function in Google Chrome before 1.0.154.64 allows attackers to leverage renderer access to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related ... Read more

    Affected Products : chrome
    • Published: May. 07, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1376

    Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote at... Read more

    Affected Products : pidgin
    • Published: May. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2016-6932

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • Published: Sep. 14, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-1098

    Buffer overflow in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 17 and earlier; 6 Update 12 and earlier; 1.4.2_19 and earlier; and 1.3.1_24 and earlier allows remote attackers to access files or execute arbitrary code via a ... Read more

    Affected Products : jre sdk jdk
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1759

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted image ... Read more

    Affected Products : macos mac_os_x iphone_os tvos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-1744

    An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously ... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0387

    Array index error in the qtdemux_parse_samples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins (aka gst-plugins-good) 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitra... Read more

    Affected Products : good_plug-ins plug-ins
    • Published: Feb. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2021-1745

    An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted USD file may lead... Read more

    Affected Products : macos mac_os_x iphone_os ipados
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0091

    Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted A... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 293555 Results