Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-3910

    Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Nov. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3886

    Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Oct. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3882

    Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3872... Read more

    Affected Products : internet_explorer
    • Published: Oct. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3871

    Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Oct. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2020-9265

    phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.... Read more

    Affected Products : phpmychat-plus
    • Published: Feb. 18, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-3201

    Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-201... Read more

    Affected Products : internet_explorer
    • Published: Sep. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3193

    Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-201... Read more

    Affected Products : internet_explorer
    • Published: Aug. 14, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3184

    Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Aug. 14, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3163

    Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    • Actively Exploited
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3126

    Microsoft Internet Explorer 9 and 10, when script debugging is enabled, does not properly handle objects in memory during the processing of script, which allows remote attackers to execute arbitrary code via a crafted web site, aka "Internet Explorer Scri... Read more

    Affected Products : internet_explorer
    • Published: Jun. 12, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3008

    Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006.... Read more

    Affected Products : java
    • Published: Jul. 23, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-2421

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot... Read more

    Affected Products : jdk jre
    • Published: Apr. 17, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1296

    The Remote Desktop ActiveX control in mstscax.dll in Microsoft Remote Desktop Connection Client 6.1 and 7.0 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a web page that triggers access to a delete... Read more

    Affected Products : remote_desktop_connection
    • Published: Apr. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1182

    The login page in the Web Console in the Manager component in Cisco Unified Computing System (UCS) before 1.0(2h), 1.1 before 1.1(1j), and 1.3(x) allows remote attackers to bypass LDAP authentication via a malformed request, aka Bug ID CSCtc91207.... Read more

    • Published: Apr. 25, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-6637

    The MediaTek misc-sd driver in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application, aka internal bug 25307013.... Read more

    Affected Products : android
    • Published: Jan. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-0782

    Heap-based buffer overflow in the nsSaveAsCharset::DoCharsetConversion function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote attacker... Read more

    • Published: Feb. 19, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0750

    Integer overflow in the JavaScript implementation in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 allo... Read more

    • Published: Jan. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2020-8973

    ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, does not properly accept specially constructed requests. This allows an attacker with access to the network where the affected asset is located, to operate and change several parameters... Read more

    • Published: Oct. 17, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-6633

    The display drivers in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 23987307.... Read more

    Affected Products : android
    • Published: Dec. 08, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6623

    Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 24872703.... Read more

    Affected Products : android
    • Published: Dec. 08, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293602 Results