Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2015-0492

    Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0484.... Read more

    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-2115

    IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than ... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3631

    Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 06, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3636

    Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web se... Read more

    • Published: Nov. 07, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3644

    Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) vi... Read more

    • Published: Nov. 07, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3650

    Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) vi... Read more

    • Published: Nov. 07, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-0071

    Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a... Read more

    Affected Products : flash_player
    • Published: Apr. 09, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4384

    Multiple stack-based buffer overflows in MGI Software LPViewer ActiveX control (LPControl.dll), as acquired by Roxio and iseemedia, allow remote attackers to execute arbitrary code via the (1) url, (2) toolbar, and (3) enableZoomPastMax methods.... Read more

    Affected Products : lpviewer lpviewer lpviewer
    • Published: Oct. 07, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-3776

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allow remote attackers to cause a denial of service (memory ... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Dec. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-7611

    Apache James Server 2.3.2, when configured with file-based user repositories, allows attackers to execute arbitrary system commands via unspecified vectors.... Read more

    Affected Products : james james_server
    • Published: Jun. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-1735

    Use-after-free vulnerability in the mozilla::layout::ScrollbarActivity function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers ... Read more

    • Published: Sep. 18, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1750

    Heap-based buffer overflow in RealNetworks RealPlayer before 16.0.1.18 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a malformed MP4 file.... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Mar. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1142

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via crafted glyph-outli... Read more

    Affected Products : freetype firefox_mobile
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1522

    Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Cached Object Remote Code Execution Vulnerability."... Read more

    • Published: Jul. 10, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-2135

    Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice.... Read more

    Affected Products : struts
    • Published: Jul. 16, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-2097

    ZPanel through 10.1.0 has Remote Command Execution... Read more

    Affected Products : zpanel
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0561

    Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Mi... Read more

    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1759

    Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service (crash) and possibly execute arbi... Read more

    Affected Products : dtorrent ctorrent
    • Published: May. 22, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-2115

    Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for ... Read more

    Affected Products : struts
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-8642

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler befor... Read more

    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293656 Results