Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-3857

    Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to ... Read more

    • Published: Sep. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-2802

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-2787... Read more

    Affected Products : internet_explorer
    • Published: Jul. 08, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2017-3057

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to ... Read more

    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2007-3734

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 2.0.0.5 and Thunderbird before 2.0.0.5 allow remote attackers to cause a denial of service (crash) via unspecified vectors that trigger memory corruption.... Read more

    Affected Products : firefox thunderbird
    • Published: Jul. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-0216

    Off-by-one error in libxml in Apple Safari before 5.0.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via a crafted web site.... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-9788

    A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.5. A file may be incorrectly rendered to execute JavaScript.... Read more

    Affected Products : macos mac_os_x
    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2930

    Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability due to a concurrency error when manipulating a display list. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2014-3701

    eDeploy has tmp file race condition flaws... Read more

    Affected Products : jboss_enterprise_web_server edeploy
    • Published: Dec. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-2998

    Adobe Flash Player versions 24.0.0.221 and earlier have an exploitable memory corruption vulnerability in the Primetime TVSDK API functionality related to timeline interactions. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Mar. 14, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2007-3832

    Buffer overflow in the AOL Instant Messenger (AIM) protocol handler in AIM.DLL in Cerulean Studios Trillian allows remote attackers to execute arbitrary code via a malformed aim: URI, as demonstrated by a long URI beginning with the aim:///#1111111/ subst... Read more

    Affected Products : trillian
    • Published: Jul. 17, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-0233

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-0025

    Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size.... Read more

    Affected Products : windows_media_player
    • Published: Jun. 13, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-1370

    Buffer overflow in RealNetworks RealPlayer 10.5 6.0.12.1040 through 6.0.12.1348, RealPlayer 10, RealOne Player v2, RealOne Player v1, RealPlayer 8, and RealPlayer Enterprise before 20060322 allows remote attackers to have an unknown impact via a malicious... Read more

    Affected Products : realplayer realone_player
    • Published: Mar. 23, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3017

    zend_hash_del_key_or_index in zend_hash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zend_hash_del to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's... Read more

    Affected Products : php
    • Published: Jun. 14, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3059

    Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.... Read more

    Affected Products : excel_viewer excel
    • Published: Jun. 17, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3434

    Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.... Read more

    Affected Products : office
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-6456

    Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2... Read more

    Affected Products : office word word_viewer works
    • Published: Dec. 11, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-9589

    Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-3444

    The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (write access violation and application crash) via a malformed .3gp file.... Read more

    Affected Products : realplayer
    • Published: May. 20, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-1275

    Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a ... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294316 Results