Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2022-30190

    A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application... Read more

    • Actively Exploited
    • Published: Jun. 01, 2022
    • Modified: Apr. 04, 2025

  • 9.3

    HIGH
    CVE-2009-4897

    Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.... Read more

    • Published: Jul. 22, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2712

    Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.... Read more

    Affected Products : ubuntu_linux vim
    • Published: Jun. 16, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0185

    Heap-based buffer overflow in Apple QuickTime before 7.6.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted MS ADPCM encoded audio data in an AVI movie file.... Read more

    Affected Products : quicktime
    • Published: Jun. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-3891

    Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."... Read more

    Affected Products : word
    • Published: Oct. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3976

    Unspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files.... Read more

    • Published: Aug. 04, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2008-3844

    Certain Red Hat Enterprise Linux (RHEL) 4 and 5 packages for OpenSSH, as signed in August 2008 using a legitimate Red Hat GPG key, contain an externally introduced modification (Trojan Horse) that allows the package authors to have an unknown impact. NOT... Read more

    • Published: Aug. 27, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16038

    Use after free in media in Google Chrome on OS X prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome chrome_os
    • Published: Jan. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0202

    Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0260

    Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a cra... Read more

    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0265

    Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability."... Read more

    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2022-38465

    A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) ... Read more

    • Published: Oct. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-3609

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3618

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-13808

    An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruptio... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Nov. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2012-3687

    WebKit, as used in Apple iTunes before 10.7, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-... Read more

    Affected Products : itunes iphone_os
    • Published: Sep. 13, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2022-28823

    Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by a Use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction i... Read more

    Affected Products : windows framemaker
    • Published: May. 13, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-2446

    Microsoft Internet Explorer 11 and Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2447.... Read more

    Affected Products : edge internet_explorer
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-5501

    Stack-based buffer overflow in the diagnose service in the Sophos Cyberoam appliances with CyberoamOS before 10.6.1 GA allows remote attackers to execute arbitrary code via a crafted webpage or file.... Read more

    Affected Products : cyberoam_os
    • Published: Oct. 07, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-0805

    The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows XP SP2 and SP3, and 6 SP1 allows remote attackers to execute arbitrary code via a long URL (DataURL parameter) that triggers memory corruption in the CTDC... Read more

    • Published: Mar. 31, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 294068 Results