Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-2868

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2895

    The LZW decompressor in (1) the BufCompressedFill function in fontfile/decompress.c in X.Org libXfont before 1.4.4 and (2) compress/compress.c in 4.3BSD, as used in zopen.c in OpenBSD before 3.8, FreeBSD, NetBSD 4.0.x and 5.0.x before 5.0.3 and 5.1.x befo... Read more

    Affected Products : freebsd netbsd openbsd libxfont freetype
    • Published: Aug. 19, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-6021

    Buffer overflow in WGagent in WatchGuard WSM and Fireware before 11.8 allows remote attackers to execute arbitrary code via a long sessionid value in a cookie.... Read more

    Affected Products : fireware
    • Published: Oct. 19, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2013-6014

    Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy AR... Read more

    Affected Products : junos junos
    • Published: Oct. 28, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3219

    Buffer overflow in CoreMedia, as used in Apple iTunes before 10.5, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.... Read more

    • Published: Oct. 12, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5889

    Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415,... Read more

    Affected Products : jdk jre
    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-0774

    The layout engine in Mozilla Firefox 2 and 3 before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey 1.1.15 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to gczeal, a different vulner... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Mar. 05, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-5850

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors re... Read more

    Affected Products : jdk jre jre jdk
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5844

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.... Read more

    Affected Products : jdk jre javafx
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5810

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : jdk jre javafx
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2949

    Integer overflow in the XPMReader::ReadXPM function in filter.vcl/ixpm/svt_xpmread.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to execute arbitrary code via a crafted XPM file that triggers a heap-based buffer overflow.... Read more

    Affected Products : ubuntu_linux debian_linux openoffice
    • Published: Feb. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5806

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013... Read more

    Affected Products : jdk jre
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-1862

    Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a... Read more

    Affected Products : flash_player acrobat acrobat_reader
    • Actively Exploited
    • Published: Jul. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-5578

    Buffer overflow in the ToDot method in the WINGRAPHVIZLib.NEATO ActiveX control in WinGraphviz.dll in StarUML allows remote attackers to execute arbitrary code via a long argument.... Read more

    Affected Products : staruml
    • Published: Aug. 25, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5456

    The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged bl... Read more

    Affected Products : java
    • Published: Nov. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5458

    Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : java
    • Published: Nov. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5365

    Heap-based buffer overflow in Autodesk SketchBook for Enterprise 2014, Pro, and Express before 6.25, and Copic Edition before 2.0.2 allows remote attackers to execute arbitrary code via RLE-compressed channel data in a PSD file.... Read more

    • Published: Apr. 02, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-5332

    Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow a... Read more

    • Published: Dec. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2727

    Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote attacke... Read more

    Affected Products : aix
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-3117

    Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3122 ... Read more

    Affected Products : internet_explorer
    • Published: Jun. 12, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293643 Results