Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-1118

    Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645.... Read more

    Affected Products : webex_recording_format_player
    • Published: Sep. 06, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1085

    Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in... Read more

    Affected Products : groupwise_messenger messenger
    • Published: Mar. 29, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1021

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1116

    Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via ... Read more

    • Published: Sep. 06, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1017

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1022

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-4174

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4248

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-1016

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.263 encoding.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1018

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1008

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1035

    The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.... Read more

    Affected Products : itunes
    • Published: Sep. 19, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1005

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-4703

    Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Sep. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    CRITICAL
    CVE-2013-10055

    An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attac... Read more

    Affected Products :
    • Published: Aug. 01, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication

  • 9.3

    HIGH
    CVE-2013-1007

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2013-10049

    An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize u... Read more

    Affected Products :
    • Published: Aug. 01, 2025
    • Modified: Aug. 06, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2013-1003

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1002

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1006

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 293698 Results