Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2006-0025

    Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size.... Read more

    Affected Products : windows_media_player
    • Published: Jun. 13, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-1370

    Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious... Read more

    Affected Products : realplayer realone_player
    • Published: Mar. 23, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3017

    zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's... Read more

    Affected Products : php
    • Published: Jun. 14, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3059

    Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.... Read more

    Affected Products : excel_viewer excel
    • Published: Jun. 17, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3434

    Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.... Read more

    Affected Products : office
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-6456

    Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2... Read more

    Affected Products : office word word_viewer works
    • Published: Dec. 11, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-9589

    Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-3444

    The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.... Read more

    Affected Products : realplayer
    • Published: May. 20, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-1275

    Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a ... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2440

    Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Sep. 15, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-6432

    Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a malformed .PMD file, related to "Key Strings," a different vulnerability than CVE-2007-5169 and CVE-2007-53... Read more

    Affected Products : pagemaker
    • Published: Oct. 31, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4694

    Unspecified vulnerability in Adobe Flash Player 11.1.102.55 on Windows and Mac OS X allows remote attackers to execute arbitrary code via a crafted SWF file, as demonstrated by the second of two vulnerabilities exploited by the Intevydis vd_adobe_fp modul... Read more

    Affected Products : flash_player mac_os_x windows
    • Published: Dec. 07, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-1648

    Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified ... Read more

    Affected Products : debian_linux chrome opensuse
    • Published: Mar. 29, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1935

    Buffer overflow in the BufferSubData function in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allows remote attackers to execute arbitrary code via crafted WebGL content.... Read more

    Affected Products : firefox firefox_esr leap linux opensuse
    • Published: Jan. 31, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4132

    Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs list... Read more

    • Published: Jun. 16, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-3062

    Unspecified vulnerability in IBM Security QRadar SIEM 7.1 MR2 and 7.2 MR2 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    • Published: Sep. 27, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-4109

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Sep. 10, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-2927

    The rsync daemon in F5 BIG-IP 11.6 before 11.6.0, 11.5.1 before HF3, 11.5.0 before HF4, 11.4.1 before HF4, 11.4.0 before HF7, 11.3.0 before HF9, and 11.2.1 before HF11 and Enterprise Manager 3.x before 3.1.1 HF2, when configured in failover mode, does not... Read more

    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-2815

    Microsoft OneNote 2007 SP3 allows remote attackers to execute arbitrary code via a crafted OneNote file that triggers creation of an executable file in a startup folder, aka "OneNote Remote Code Execution Vulnerability."... Read more

    Affected Products : onenote
    • Published: Aug. 12, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-2827

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Aug. 12, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 293983 Results