Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2003-0216

    Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.... Read more

    Affected Products : catos
    • Published: May. 12, 2003
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2020-7085

    A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it.... Read more

    Affected Products : fbx_software_development_kit
    • Published: Apr. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-7080

    A buffer overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code execution on a system running it.... Read more

    Affected Products : fbx_software_development_kit
    • Published: Apr. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-7082

    A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it.... Read more

    Affected Products : fbx_software_development_kit
    • Published: Apr. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-7081

    A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it.... Read more

    Affected Products : fbx_software_development_kit
    • Published: Apr. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0770

    Buffer overflow in GraphicsMagick and ImageMagick allows user-assisted remote attackers to cause a denial of service and possibly execute arbitrary code via a PALM image that is not properly handled by the ReadPALMImage function in coders/palm.c. NOTE: th... Read more

    Affected Products : imagemagick graphicsmagick
    • Published: Feb. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0127

    The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that... Read more

    Affected Products : opera_browser
    • Published: Jan. 09, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0031

    Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries... Read more

    Affected Products : office excel_viewer excel works
    • Published: Jan. 09, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0030

    Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memor... Read more

    Affected Products : office excel_viewer excel works
    • Published: Jan. 09, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-7040

    storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBac... Read more

    • Published: Jan. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-6143

    The RPC library in Kerberos 5 1.4 through 1.4.4, and 1.5 through 1.5.1, as used in Kerberos administration daemon (kadmind) and other products that use this library, calls an uninitialized function pointer in freed memory, which allows remote attackers to... Read more

    Affected Products : ubuntu_linux kerberos_5
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-6121

    Acer Notebook LunchApp.APlunch ActiveX control allows remote attackers to execute arbitrary commands by calling the Run method.... Read more

    Affected Products : lunchapp.aplunch
    • Published: Nov. 26, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1203

    Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruptio... Read more

    Affected Products : excel_viewer excel
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-0064

    Stack-based buffer overflow in Pierre-emmanuel Gougelet (1) XnView 1.91 and 1.92, (2) NConvert 4.85, and (3) libgfl280.dll in GFL SDK 2.870 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file... Read more

    Affected Products : gfl_sdk nconvert xnview
    • Published: Jan. 31, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4220

    Investintech.com SlimPDF Reader does not properly restrict the arguments to unspecified function calls, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document.... Read more

    Affected Products : slimpdf_reader
    • Published: Nov. 01, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-5386

    Siemens SICAM MIC devices with firmware before 2404 allow remote attackers to bypass authentication and obtain administrative access via unspecified HTTP requests.... Read more

    Affected Products : sicam_mic_firmware sicam_mic
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-5362

    The BFD daemon in Juniper Junos OS 12.1X44 before 12.1X44-D50, 12.1X46 before 12.1X46-D35, 12.1X47 before 12.1X47-D25, 12.3 before 12.3R10, 12.3X48 before 12.3X48-D15, 13.2 before 13.2R8, 13.3 before 13.3R6, 14.1 before 14.1R5, 14.1X50 before 14.1X50-D85,... Read more

    Affected Products : junos junos
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2017-3068

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: May. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    CRITICAL
    CVE-2025-22224

    VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual... Read more

    • Actively Exploited
    • Published: Mar. 04, 2025
    • Modified: Mar. 05, 2025
    • Vuln Type: Memory Corruption

  • 9.3

    HIGH
    CVE-2015-4821

    Unspecified vulnerability in the Integrated Lights Out Manager (ILOM) component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web.... Read more

    • Published: Oct. 21, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293620 Results