Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-2097

    ZPanel through 10.1.0 has Remote Command Execution... Read more

    Affected Products : zpanel
    • Published: Feb. 12, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-0561

    Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Mi... Read more

    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1759

    Stack-based buffer overflow in the btFiles::BuildFromMI function (trunk/btfiles.cpp) in Enhanced CTorrent (aka dTorrent) 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service (crash) and possibly execute arbi... Read more

    Affected Products : dtorrent ctorrent
    • Published: May. 22, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-2115

    Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for ... Read more

    Affected Products : struts
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-8642

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler befor... Read more

    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2007-4821

    Buffer overflow in a certain ActiveX control in officeviewer.ocx 5.2.218.1 in EDraw Office Viewer Component 5.2 allows remote attackers to execute arbitrary code via a long first argument to the HttpDownloadFileToTempDir method, a different vulnerability ... Read more

    Affected Products : office_viewer_component
    • Published: Sep. 11, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-2090

    The set_meta_data function in lib/cremefraiche.rb in the Creme Fraiche gem before 0.6.1 for Ruby allows remote attackers to execute arbitrary commands via shell metacharacters in the file name of an email attachment. NOTE: some of these details are obtai... Read more

    Affected Products : creme_fraiche
    • Published: May. 27, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-1797

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-20... Read more

    Affected Products : internet_explorer
    • Published: Jun. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-2019

    Stack-based buffer overflow in BOINC 6.10.58 and 6.12.34 allows remote attackers to have unspecified impact via multiple file_signature elements.... Read more

    Affected Products : boinc boinc boinc_client
    • Published: Jun. 02, 2014
    • Modified: Jul. 08, 2025

  • 9.3

    HIGH
    CVE-2007-2867

    Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (cr... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Jun. 01, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-1966

    Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag.... Read more

    Affected Products : struts
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1947

    kelredd-pruview gem 0.3.8 for Ruby allows context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument to (1) document.rb, (2) video.rb, or (3) video_image.rb.... Read more

    Affected Products : ruby kelredd-pruview
    • Published: Apr. 25, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2255

    Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via unknown vectors, a different vulnerability than CVE-2008-2254, aka "HTML Object Mem... Read more

    Affected Products : internet_explorer
    • Published: Aug. 13, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-1961

    Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.... Read more

    Affected Products : libtiff libtiff
    • Published: Jul. 03, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3153

    Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3156

    Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access File Format Memory Corruption Vulnerability... Read more

    Affected Products : access
    • Published: Sep. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3189

    Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2013... Read more

    Affected Products : internet_explorer
    • Published: Aug. 14, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3203

    Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-201... Read more

    Affected Products : internet_explorer
    • Published: Sep. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1687

    The System Only Wrapper (SOW) and Chrome Object Wrapper (COW) implementations in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly restrict XBL user-defined funct... Read more

    • Published: Jun. 26, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2016-0088

    Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted application, aka "Hyper-V Remote Code Execution Vulnerability."... Read more

    • Published: Apr. 12, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293781 Results