Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2012-6553

    Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote attackers to execute arbitrary code via a Portable Executable (PE) file with a resource section containing a string that has many tab or line feed characters.... Read more

    Affected Products : resource_hacker
    • Published: May. 23, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-6470

    Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.... Read more

    Affected Products : opera_browser
    • Published: Jan. 02, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-1537

    Unspecified vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 allows remote attackers to execute arbitrary code via... Read more

    • Published: May. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-2160

    Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via an invalid offset in an unspecified undocumented opc... Read more

    Affected Products : flash_player flash_player air
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1310

    Use-after-free vulnerability in Microsoft Internet Explorer 6 and 7 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-6349

    Buffer overflow in the .mdb parser in Autonomy KeyView IDOL, as used in IBM Notes 8.5.x before 8.5.3 FP4, allows remote attackers to execute arbitrary code via a crafted file, aka SPR KLYH92XL3W.... Read more

    Affected Products : lotus_notes notes keyview_idol
    • Published: Jul. 18, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-1866

    Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.... Read more

    Affected Products : flash_player air flex
    • Published: Jul. 31, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2012-6270

    Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related ... Read more

    Affected Products : shockwave_player
    • Published: Dec. 20, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-6297

    Command Injection vulnerability exists via a CSRF in DD-WRT 24-sp2 from specially crafted configuration values containing shell meta-characters, which could let a remote malicious user cause a Denial of Service.... Read more

    Affected Products : dd-wrt
    • Published: Feb. 06, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0922

    Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer,... Read more

    • Published: Mar. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-2569

    pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP2 does not properly handle an unspecified size field in certain older file formats, which allows remote attackers to execute arbitrary code or cause a deni... Read more

    Affected Products : publisher
    • Published: Dec. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2307

    Unspecified vulnerability in WebKit in Apple Safari before 3.1.2, as distributed in Mac OS X before 10.5.4, and standalone for Windows and Mac OS X 10.4, allows remote attackers to cause a denial of service (application crash) or execute arbitrary code vi... Read more

    • Published: Jun. 23, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-3311

    Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Compact Font Format (CFF) font file... Read more

    Affected Products : freetype
    • Published: Jan. 07, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3453

    The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote ... Read more

    Affected Products : ubuntu_linux debian_linux openoffice
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3450

    Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow remote attackers to overwrite arbitrary files via a .. (dot dot) in an entry in (1) an XSLT JAR filter description file, (2) an Extension (aka OXT) file, or ... Read more

    Affected Products : ubuntu_linux debian_linux openoffice
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2985

    Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3033

    Buffer overflow in the RunCmd method in the Altiris eXpress NS Console Utilities ActiveX control in AeXNSConsoleUtilities.dll in the web console in Symantec Altiris Deployment Solution 6.9.x, Altiris Notification Server 6.0.x, and Management Platform 7.0.... Read more

    • Published: Nov. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-3625

    Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability."... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 06, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-3076

    Mozilla Firefox before 3.0.14 does not properly implement certain dialogs associated with the (1) pkcs11.addmodule and (2) pkcs11.deletemodule operations, which makes it easier for remote attackers to trick a user into installing or removing an arbitrary ... Read more

    Affected Products : firefox
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-0039

    Microsoft Windows Vista SP2 and Server 2008 SP2 mishandle dynamic link library (DLL) loading, which allows local users to gain privileges via a crafted application, aka "Library Loading Input Validation Remote Code Execution Vulnerability."... Read more

    Affected Products : windows_server_2008 windows_vista
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293942 Results