Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by the severity of the vulnerability, by whether it is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 9.3

    HIGH
    CVE-2014-0978

    Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.

    Affected Products : graphviz
    • Published: Jan. 10, 2014
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2010-3329

    mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary code via a crafted Microsoft Office document that causes the HtmlDlgHelper class destructor to access uninitialized memory, aka "Uninitialized Memory Corrupti...

    • Published: Oct. 13, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2011-4247

    RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted QCELP stream.

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2021-30736

    A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. An application may be able to execute arbitrary code with kernel privileges.

    Affected Products : macos iphone_os tvos watchos ipados
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2021-30799

    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. Processing maliciously crafted web content may lead to...

    Affected Products : macos mac_os_x iphone_os
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2010-3550

    Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

    Affected Products : jre jdk
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2010-1398

    WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, does not properly perform ordered list insertions, which allows remote attackers to execute arbitrary code or cause a denial of service (memory c...

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4381

    MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a ...

    Affected Products : mediawiki
    • Published: Feb. 08, 2020
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2012-4354

    TCPIPS_Story.dll in Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 allows remote attackers to execute arbitrary code via a port-46824 TCP packet with a crafted positive integer after the opcode, triggering incorrect fu...

    Affected Products : winlog_lite winlog_pro
    • Published: Aug. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4359

    Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or pos...

    Affected Products : winlog_lite winlog_pro
    • Published: Aug. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2010-3817

    WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, does not properly perform a cast of an unspecified variable during processing of Cascading Style Sheets (CSS) 3D transforms, which allows rem...

    • Published: Nov. 22, 2010
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4358

    Sielco Sistemi Winlog Pro SCADA before 2.07.17 and Winlog Lite SCADA before 2.07.17 do not validate the return value of the realloc function, which allows remote attackers to cause a denial of service (invalid 0x00 write operation and daemon crash) or pos...

    Affected Products : winlog_lite winlog_pro
    • Published: Aug. 19, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2014-1522

    The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory c...

    • Published: Apr. 30, 2014
    • Modified: Apr. 12, 2025
  • 9.3

    HIGH
    CVE-2010-3958

    The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly compile function calls, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NE...

    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4305

    Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the Februa...

    Affected Products : javafx
    • Published: Feb. 02, 2013
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4248

    The Amazon Kindle Touch before 5.1.2 does not properly restrict access to the libkindleplugin.so NPAPI plugin interface, which might allow remote attackers to have an unspecified impact via vectors involving the (1) dev.log, (2) lipc.set, (3) lipc.get, or...

    Affected Products : kindle_touch
    • Published: Aug. 12, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4250

    Stack-based buffer overflow in the RequestScreenOptimization function in the XProcessControl.ocx ActiveX control in msls31.dll in Samsung NET-i viewer 1.37 allows remote attackers to execute arbitrary code via a long string in the first argument.

    Affected Products : net-i_viewer
    • Published: Aug. 13, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2021-40779

    Adobe Media Encoder version 15.4.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is requi...

    Affected Products : macos media_encoder windows
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024
  • 9.3

    HIGH
    CVE-2012-4217

    Use-after-free vulnerability in the nsViewManager::ProcessPendingUpdates function in Mozilla Firefox before 17.0, Thunderbird before 17.0, and SeaMonkey before 2.14 allows remote attackers to execute arbitrary code or cause a denial of service (heap memor...

    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025
  • 9.3

    HIGH
    CVE-2012-4216

    Use-after-free vulnerability in the gfxFont::GetFontEntry function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to execute ...

    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293970 Results