Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-1688

    The Profiler implementation in Mozilla Firefox before 22.0 parses untrusted data during UI rendering, which allows user-assisted remote attackers to execute arbitrary JavaScript code via a crafted web site.... Read more

    Affected Products : firefox
    • Published: Jun. 26, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1690

    Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a de... Read more

    • Actively Exploited
    • Published: Jun. 26, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3175

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 and Thunderbird 3.1.x before 3.1.5 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrar... Read more

    Affected Products : firefox thunderbird
    • Published: Oct. 21, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-0936

    Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service... Read more

    • Published: Jan. 14, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-1674

    Use-after-free vulnerability in Mozilla Firefox before 21.0, Firefox ESR 17.x before 17.0.6, Thunderbird before 17.0.6, and Thunderbird ESR 17.x before 17.0.6 allows remote attackers to execute arbitrary code via vectors involving an onresize event during... Read more

    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0117

    RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not properly handle dimensions during YUV420 transformations, which might allow remote attackers to execute arbitrary code via crafted MP4 content.... Read more

    Affected Products : realplayer windows realplayer_sp
    • Published: Aug. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1638

    Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document.... Read more

    Affected Products : opera_browser
    • Published: Feb. 08, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1685

    Use-after-free vulnerability in the nsIDocument::GetRootElement function in Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 allows remote attackers to execute arbitrary code or... Read more

    • Published: Jun. 26, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3845

    Stack-based buffer overflow in lzh.fmt in WinRAR 3.00 through 3.60 beta 6 allows remote attackers to execute arbitrary code via a long filename in a LHA archive.... Read more

    Affected Products : winrar
    • Published: Jul. 25, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-6504

    Mozilla Firefox 2.x before 2.0.0.1, 1.5.x before 1.5.0.9, and SeaMonkey before 1.0.7 allows remote attackers to execute arbitrary code by appending an SVG comment DOM node to another type of document, which triggers memory corruption.... Read more

    Affected Products : firefox ubuntu_linux seamonkey
    • Published: Dec. 20, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0515

    Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdroppe... Read more

    Affected Products : office word word_viewer works
    • Published: Jan. 26, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-25178

    ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploading of applications. Data is transferred over this protoco... Read more

    • Published: Mar. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0942

    Microsoft Internet Explorer 5.01 SP4 on Windows 2000 SP4; 6 SP1 on Windows 2000 SP4; 6 and 7 on Windows XP SP2, or Windows Server 2003 SP1 or SP2; and possibly 7 on Windows Vista does not properly "instantiate certain COM objects as ActiveX controls," whi... Read more

    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-1331

    Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."... Read more

    Affected Products : office
    • Actively Exploited
    • Published: Jun. 12, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-3902

    Use-after-free vulnerability in the CRecalcProperty function in mshtml.dll in Microsoft Internet Explorer 5.01 through 7 allows remote attackers to execute arbitrary code by calling the setExpression method and then modifying the outerHTML property of an ... Read more

    Affected Products : internet_explorer ie
    • Published: Dec. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-1324

    Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Stack Buffer Overwrite Vulnerability."... Read more

    Affected Products : office office_2013_rt
    • Published: Nov. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1328

    Microsoft Publisher 2003 SP3, 2007 SP3, and 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers incorrect pointer handling, aka "Publisher Pointer Handling Vulnerability."... Read more

    Affected Products : publisher
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-4188

    Session fixation vulnerability in Joomla! before 1.0.13 (aka Sunglow) allows remote attackers to hijack administrative web sessions via unspecified vectors.... Read more

    Affected Products : joomla\! joomla
    • Published: Aug. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-1307

    Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulner... Read more

    Affected Products : internet_explorer
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1317

    Integer overflow in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper allocation-size calculation, aka "Publisher Integer Overflow Vulnerability."... Read more

    Affected Products : publisher
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293667 Results