Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-1774

    WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses out-of-bounds memory during processing of HTML tables, which allows remote attackers to execute arbitrary code or cause a denial of serv... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1400

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors in... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-0006

    Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code v... Read more

    • Published: Feb. 14, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2010-2559

    Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitiali... Read more

    • Published: Aug. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-0736

    Integer overflow in the RPC library in Libinfo in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to execute arbitrary code via crafted requests to portmap.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Apr. 24, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-0763

    Use-after-free vulnerability in Mozilla Firefox before 18.0, Firefox ESR 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 17.x before 17.0.1, and SeaMonkey before 2.15 allows remote attackers to execute arbitrary code or cause a denial of se... Read more

    • Published: Jan. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-2452

    Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2441.... Read more

    Affected Products : internet_explorer
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-2564

    Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability."... Read more

    Affected Products : windows_movie_maker
    • Published: Aug. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-6155

    Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability."... Read more

    Affected Products : edge internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-4901

    Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.... Read more

    Affected Products : jdk jre
    • Published: Oct. 22, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2017-16375

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to an untrusted pointer dereference in ... Read more

    • Published: Dec. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2020-36327

    Bundler 1.16.0 through 2.2.9 and 2.2.11 through 2.2.16 sometimes chooses a dependency source based on the highest gem version number, which means that a rogue gem found at a public source may be chosen, even if the intended choice was a private gem that i... Read more

    • Published: Apr. 29, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-26757

    A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. An application may be able to exec... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-6364

    Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerab... Read more

    Affected Products : office
    • Published: Dec. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-0688

    Intel Alert Management System (aka AMS or AMS2), as used in Symantec Antivirus Corporate Edition (SAVCE) 10.x before 10.1 MR10, Symantec System Center (SSC) 10.x, and Symantec Quarantine Server 3.5 and 3.6, allows remote attackers to execute arbitrary com... Read more

    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-4619

    EMC RSA Identity Management and Governance (IMG) 6.5.x before 6.5.1 P11, 6.5.2 before P02HF01, and 6.8.x before 6.8.1 P07, when Novell Identity Manager (aka NovellIM) is used, allows remote attackers to bypass authentication via an arbitrary valid usernam... Read more

    • Published: Aug. 28, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2012-1127

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap read operation and memory corruption) or possibly execute arbitrary code via crafted glyph or bit... Read more

    Affected Products : freetype firefox_mobile
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-9642

    Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : windows illustrator
    • Published: Jun. 25, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-4461

    The kernel in Apple iOS before 8.1.1 and Apple TV before 7.0.2 does not properly validate IOSharedDataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via a crafted application.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • Published: Nov. 18, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-1244

    Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.... Read more

    Affected Products : quicktime
    • Published: Feb. 27, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 294068 Results