Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2012-0646

    Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.... Read more

    Affected Products : iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3430

    The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configu... Read more

    Affected Products : iphone_os
    • Published: Oct. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4741

    Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Manager allows remote MDM Gateways to execute arbitrary code via crafted data in a session on TCP port 54321.... Read more

    Affected Products : device_manager mdm_tool
    • Published: Feb. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-3460

    Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2989

    Integer overflow in Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2984

    Unspecified vulnerability in the image decoder in Adobe Acrobat 9.x before 9.2, and possibly 7.x through 7.1.4 and 8.x through 8.1.7, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : acrobat
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2014-7216

    Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) shortcut or (2) title keys in an emoticons.xml file.... Read more

    Affected Products : messenger
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2020-3710

    Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows illustrator_cc
    • Published: Jan. 29, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-8669

    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Proc... Read more

    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-2061

    Mozilla Firefox before 3.0.10 processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify a 30... Read more

    Affected Products : firefox
    • Published: Jun. 15, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-3647

    The JSSubScriptLoader in Mozilla Firefox before 3.6.24 and Thunderbird before 3.1.6 does not properly handle XPCNativeWrappers during calls to the loadSubScript method in an add-on, which makes it easier for remote attackers to gain privileges via a craft... Read more

    Affected Products : firefox thunderbird
    • Published: Nov. 09, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-8846

    A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted w... Read more

    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-4000

    Buffer overflow in ChaSen 2.4.x allows remote attackers to execute arbitrary code via a crafted string.... Read more

    Affected Products : chasen
    • Published: Nov. 08, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-3604

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elem... Read more

    • Published: Nov. 06, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-2389

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-20... Read more

    Affected Products : internet_explorer
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-0775

    Use-after-free vulnerability in the nsImageLoadingContent::OnStopContainer function in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbird ESR 17.x before 17.0.3, and SeaMonkey before 2.16 allows remote atta... Read more

    • Published: Feb. 19, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-1145

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then inst... Read more

    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-28825

    Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interac... Read more

    Affected Products : windows framemaker
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-6485

    Unspecified vulnerability in Oracle Java SE 8u20 and JavaFX 2.2.65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : jre
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-6456

    Unspecified vulnerability in Oracle Java SE 7u67 and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : jdk jre
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 293973 Results