Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2012-0708

    Heap-based buffer overflow in the Ole API in the CQOle ActiveX control in cqole.dll in IBM Rational ClearQuest 7.1.1 before 7.1.1.9, 7.1.2 before 7.1.2.6, and 8.0.0 before 8.0.0.2 allows remote attackers to execute arbitrary code via a crafted web page th... Read more

    Affected Products : rational_clearquest
    • Published: Apr. 22, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-0914

    Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.... Read more

    Affected Products : opera_browser
    • Published: Mar. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2013-1169

    Cisco Unified MeetingPlace Web Conferencing Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 2, and 8.5 before 8.5MR3 Patch 1, when the Remember Me option is used, does not properly verify cookies, which allows remote attackers to impersonate use... Read more

    • Published: Apr. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1185

    The web interface in the Manager component in Cisco Unified Computing System (UCS) 1.x and 2.x before 2.0(2m) allows remote attackers to obtain sensitive information by reading a (1) technical-support bundle file or (2) on-device configuration backup, aka... Read more

    • Published: Apr. 25, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-1826

    Integer overflow in the dtrace implementation in the kernel in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: May. 20, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-1118

    Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645.... Read more

    Affected Products : webex_recording_format_player
    • Published: Sep. 06, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1085

    Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in... Read more

    Affected Products : groupwise_messenger messenger
    • Published: Mar. 29, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1021

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted JPEG data in a movie file.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1116

    Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via ... Read more

    • Published: Sep. 06, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1017

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted dref atoms in a movie file.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1022

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted mvhd atoms in a movie file.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-4174

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4248

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-1016

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.263 encoding.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1018

    Buffer overflow in Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with H.264 encoding.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1008

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1035

    The iTunes ActiveX control in Apple iTunes before 11.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.... Read more

    Affected Products : itunes
    • Published: Sep. 19, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1005

    WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors related to iTunes Store browsing, a different vulnerability than... Read more

    • Published: May. 20, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-4703

    Bluetooth in Apple OS X before 10.12 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Sep. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    CRITICAL
    CVE-2013-10055

    An unauthenticated arbitrary file upload vulnerability exists in Havalite CMS version 1.1.7 (and possibly earlier) in the upload.php script. The application fails to enforce proper file extension validation and authentication checks, allowing remote attac... Read more

    Affected Products :
    • Published: Aug. 01, 2025
    • Modified: Aug. 04, 2025
    • Vuln Type: Authentication
Showing 20 of 293947 Results