Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2014-6374

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Dec. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-6343

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Nov. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-6327

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-6329... Read more

    Affected Products : internet_explorer
    • Published: Dec. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-6369

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Dec. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-6347

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Nov. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2020-0603

    A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Co... Read more

    • Published: Jan. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-31854

    A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe. The malicious clean.exe file is placed into the relevant folder and executed by running the McAf... Read more

    Affected Products : agent
    • Published: Jan. 19, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-6357

    Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold and SP1... Read more

    • Published: Dec. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-6351

    Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Nov. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2019-1200

    A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security c... Read more

    Affected Products : office office_365_proplus outlook
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0626

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1930

    A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in ... Read more

    Affected Products : spamassassin
    • Published: Jan. 30, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-30190

    A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application... Read more

    • Actively Exploited
    • Published: Jun. 01, 2022
    • Modified: Apr. 04, 2025

  • 9.3

    HIGH
    CVE-2009-4897

    Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.... Read more

    • Published: Jul. 22, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2712

    Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.... Read more

    Affected Products : ubuntu_linux vim
    • Published: Jun. 16, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0185

    Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.... Read more

    Affected Products : quicktime
    • Published: Jun. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-3891

    Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."... Read more

    Affected Products : word
    • Published: Oct. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3976

    Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files.... Read more

    • Published: Aug. 04, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2008-3844

    Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOT... Read more

    • Published: Aug. 27, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16038

    Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome chrome_os
    • Published: Jan. 08, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 293696 Results