Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-1908

    Integer overflow in the Type 1 font decoder in the FreeType engine in Foxit Reader before 4.0.0.0619 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font in a PDF document.... Read more

    Affected Products : foxit_reader reader
    • Published: Jun. 24, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-0277

    Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0278 ... Read more

    Affected Products : internet_explorer
    • Published: Feb. 12, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3624

    Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via a crafted image.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 06, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3632

    Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-20... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 06, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-4388

    IOKit in Apple iOS before 8 and Apple TV before 7 does not properly validate IODataQueue object metadata, which allows attackers to execute arbitrary code in a privileged context via an application that provides crafted values in unspecified metadata fiel... Read more

    Affected Products : mac_os_x iphone_os tvos
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-3647

    Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) vi... Read more

    • Published: Nov. 07, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-4381

    Libnotify in Apple iOS before 8 and Apple TV before 7 lacks proper bounds checking on write operations, which allows attackers to execute arbitrary code as root via a crafted application.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-3768

    Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an operating system's font implementation, which allows remo... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Dec. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2020-36167

    An issue was discovered in the server in Veritas Backup Exec through 16.2, 20.6 before hotfix 298543, and 21.1 before hotfix 657517. On start-up, it loads the OpenSSL library from the Installation folder. This library in turn attempts to load the /usr/loc... Read more

    Affected Products : backup_exec
    • Published: Jan. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1564

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more

    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2020-36162

    An issue was discovered in Veritas CloudPoint before 8.3.0.1+hotfix. The CloudPoint Windows Agent leverages OpenSSL. This OpenSSL library attempts to load the \usr\local\ssl\openssl.cnf configuration file, which does not exist. By default, on Windows syst... Read more

    • Published: Jan. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-1697

    The XrayWrapper implementation in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 does not properly restrict use of DefaultValue for method calls, which allows remote attackers... Read more

    • Published: Jun. 26, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1724

    Use-after-free vulnerability in the mozilla::dom::HTMLFormElement::IsDefaultSubmitElement function in Mozilla Firefox before 24.0, Thunderbird before 24.0, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary code or cause a denial of se... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Sep. 18, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2020-36163

    An issue was discovered in Veritas NetBackup and OpsCenter through 8.3.0.1. NetBackup processes using Strawberry Perl attempt to load and execute libraries from paths that do not exist by default on the Windows operating system. By default, on Windows sys... Read more

    Affected Products : windows netbackup opscenter
    • Published: Jan. 06, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-4247

    Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.... Read more

    Affected Products : jdk jre
    • Published: Jul. 17, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-2862

    Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Aug. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3966

    Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contai... Read more

    Affected Products : windows_7 windows_server_2008
    • Published: Dec. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-40736

    Adobe Audition version 14.4 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.... Read more

    Affected Products : macos windows audition
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-16509

    An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instructio... Read more

    • Published: Sep. 05, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0449

    Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via... Read more

    • Published: Feb. 01, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293940 Results