Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2008-5259

    Integer signedness error in DivX Web Player 1.4.2.7, and possibly earlier versions, allows remote attackers to execute arbitrary code via a DivX file containing a crafted Stream Format (STRF) chunk, which triggers a heap-based buffer overflow.... Read more

    Affected Products : divx_web_player
    • Published: Apr. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-6184

    The CAttrArray object implementation in Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and memory corruption) via a malformed Cascading Style Sheets (CSS) token seque... Read more

    Affected Products : windows_10 internet_explorer
    • Published: Mar. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2008-4259

    Microsoft Internet Explorer 7 sometimes attempts to access uninitialized memory locations, which allows remote attackers to execute arbitrary code via a crafted HTML document that triggers memory corruption, related to a WebDAV request for a file with a l... Read more

    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3837

    Mozilla Firefox before 2.0.0.17 and 3.x before 3.0.2, and SeaMonkey before 1.1.12, allow user-assisted remote attackers to move a window during a mouse click, and possibly force a file download or unspecified other drag-and-drop action, via a crafted onmo... Read more

    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-6160

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140... Read more

    Affected Products : internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2008-3647

    Buffer overflow in PSNormalizer in Mac OS X 10.4.11 and 10.5.5 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a PostScript file with a crafted bounding box comment.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Oct. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-6172

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft Office... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6166

    Microsoft Silverlight 5 before 5.1.41105.00 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read or write access) via unspecified open and close requests, aka "Microsoft Silverlight RCE Vulnerability."... Read more

    Affected Products : silverlight
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2008-3004

    Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitr... Read more

    Affected Products : office office_excel_viewer
    • Published: Aug. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3013

    gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewe... Read more

    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2020-8025

    A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the per... Read more

    • Published: Aug. 07, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-6162

    Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6152... Read more

    Affected Products : internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2008-1186

    Unspecified vulnerability in the Virtual Machine for Sun Java Runtime Environment (JRE) and JDK 5.0 Update 13 and earlier, and SDK/JRE 1.4.2_16 and earlier, allows remote attackers to gain privileges via an untrusted application or applet, a different iss... Read more

    Affected Products : jre sdk jdk
    • Published: Mar. 06, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-6149

    Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015... Read more

    Affected Products : internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6150

    Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6140

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability ... Read more

    Affected Products : edge internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2008-1087

    Stack-based buffer overflow in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arbitrary code via an EMF image file with crafted filename parameters, aka "GDI Stack Overflow Vul... Read more

    • Published: Apr. 08, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0965

    Multiple format string vulnerabilities in snoop on Sun Solaris 8 through 10 and OpenSolaris before snv_96, when the -o option is omitted, allow remote attackers to execute arbitrary code via format string specifiers in an SMB packet.... Read more

    Affected Products : solaris opensolaris sunos
    • Published: Aug. 08, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-6151

    Microsoft Internet Explorer 8 through 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vuln... Read more

    Affected Products : edge internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6143

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-6140... Read more

    Affected Products : internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293605 Results