Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-31854

    A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAf... Read more

    Affected Products : agent
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-6357

    Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold and SP1... Read more

    • Published: Dec. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-6351

    Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Nov. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2019-1200

    A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security c... Read more

    Affected Products : office office_365_proplus outlook
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0626

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1930

    A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in ... Read more

    Affected Products : spamassassin
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-30190

    A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application... Read more

    • Actively Exploited
    • Published: Jun. 01, 2022
    • Modified: Apr. 04, 2025

  • 9.3

    HIGH
    CVE-2009-4897

    Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.... Read more

    • Published: Jul. 22, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2712

    Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.... Read more

    Affected Products : ubuntu_linux vim
    • Published: Jun. 16, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0185

    Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.... Read more

    Affected Products : quicktime
    • Published: Jun. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-3891

    Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."... Read more

    Affected Products : word
    • Published: Oct. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3976

    Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files.... Read more

    • Published: Aug. 04, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2008-3844

    Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOT... Read more

    • Published: Aug. 27, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16038

    Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome chrome_os
    • Published: Jan. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0202

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0260

    Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a cra... Read more

    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0265

    Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability."... Read more

    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2022-38465

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) ... Read more

    • Published: Oct. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-3609

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3618

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293620 Results