Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-2164

    Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors related to an unspecified "image type within a certai... Read more

    Affected Products : flash_player flash_player air
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2189

    Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, when used in conjunction with VMWare Tools on a VMWare platform, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitr... Read more

    Affected Products : flash_player flash_player air
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4924

    Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Alert method.... Read more

    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4914

    Stack-based buffer overflow in the reader in CoolPDF 3.0.2.256 allows remote attackers to execute arbitrary code via a PDF document with a crafted stream.... Read more

    Affected Products : coolpdf
    • Published: Jan. 26, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4875

    Heap-based buffer overflow in gdevwpr2.c in Ghostscript 9.04, when processing the OutputFile device parameter, allows user-assisted remote attackers to execute arbitrary code via a long file name in a PostScript document. NOTE: as of 20120314, the develo... Read more

    Affected Products : gpl_ghostscript
    • Published: Sep. 06, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4907

    Google Chrome before 18.0.1025308 on Android does not properly restrict access from JavaScript code to Android APIs, which allows remote attackers to have an unspecified impact via a crafted web page.... Read more

    Affected Products : android chrome
    • Published: Sep. 13, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4823

    Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli... Read more

    • Published: Jan. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2024-21810

    Improper input validation in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more

    • Published: Aug. 14, 2024
    • Modified: Aug. 14, 2024

  • 9.3

    HIGH
    CVE-2012-4865

    Buffer overflow in Oreans Themida 2.1.8.0 allows remote attackers to execute arbitrary code via a crafted .TMD file.... Read more

    Affected Products : themida
    • Published: Sep. 06, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2567

    The RPC client implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly allocate memory during the parsing of responses, which allows remote RPC servers and man-in-the-middle attackers to execute arbitrary code via a malfor... Read more

    Affected Products : windows_server_2003 windows_xp
    • Published: Sep. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4782

    Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "CMarkup Use After Free Vulnerability."... Read more

    • Published: Dec. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4774

    Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted (1) file name or (2) subfolder name that trigg... Read more

    • Published: Dec. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2760

    Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via ve... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Sep. 09, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4775

    Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreeNode Use After Free Vulnerability."... Read more

    • Published: Nov. 14, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4822

    Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Cha... Read more

    • Published: Jan. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4700

    Multiple buffer overflows in an ActiveX control in PE3DO32A.ocx in IntegraXor SCADA Server 4.00 build 4250.0 and earlier allow remote attackers to execute arbitrary code via a crafted HTML document.... Read more

    Affected Products : integraxor
    • Published: Feb. 08, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4655

    The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components... Read more

    Affected Products : secure_desktop
    • Published: Sep. 24, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4614

    The default configuration of EMC Smarts Network Configuration Manager (NCM) before 9.1 does not require authentication for database access, which allows remote attackers to have an unspecified impact via a network session.... Read more

    • Published: Nov. 27, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3180

    Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows remote attackers to execute arbitrary code by accessing the... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Oct. 21, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2022-21878

    Windows Geolocation Service Remote Code Execution Vulnerability... Read more

    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 293969 Results