Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-35999

    Adobe Prelude version 10.0 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the curren... Read more

    Affected Products : prelude windows
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-1779

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Jun. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2012-4186

    Heap-based buffer overflow in the nsWaveReader::DecodeAudioData function in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allows remote attackers to exec... Read more

    • Published: Oct. 10, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4202

    Heap-based buffer overflow in the image::RasterImage::DrawFrameTo function in Mozilla Firefox before 17.0, Firefox ESR 10.x before 10.0.11, Thunderbird before 17.0, Thunderbird ESR 10.x before 10.0.11, and SeaMonkey before 2.14 allows remote attackers to ... Read more

    • Published: Nov. 21, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2022-28819

    Adobe Character Animator versions 4.4.2 (and earlier) and 22.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user in... Read more

    Affected Products : macos windows character_animator
    • Published: May. 12, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-7860

    Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Nov. 08, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-43754

    Adobe Prelude version 22.1.1 (and earlier) is affected by an Out-of-bounds Write vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required... Read more

    Affected Products : macos prelude windows
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40787

    Adobe Premiere Elements 20210809.daily.2242976 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interact... Read more

    Affected Products : macos windows premiere_elements
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-4057

    Buffer overflow in the Player in Remote-Anything 5.60.15 allows remote attackers to execute arbitrary code via a crafted flm file.... Read more

    Affected Products : remote-anything
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4011

    The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute arbitrary Java methods, and obtain sensitive information or execute arbitrary commands, via a crafted web site.... Read more

    Affected Products : kunai
    • Published: Sep. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3980

    The web console in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, and Thunderbird ESR 10.x before 10.0.7 allows user-assisted remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted... Read more

    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3982

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 16.0, Firefox ESR 10.x before 10.0.8, Thunderbird before 16.0, Thunderbird ESR 10.x before 10.0.8, and SeaMonkey before 2.13 allow remote attackers to cause a denial of s... Read more

    • Published: Oct. 10, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3965

    Mozilla Firefox before 15.0 does not properly restrict navigation to the about:newtab page, which allows remote attackers to execute arbitrary JavaScript code with chrome privileges via a crafted web site that triggers creation of a new tab and then a new... Read more

    Affected Products : firefox
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3962

    Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 do not properly iterate through the characters in a text run, which allows remote attackers to execute arbi... Read more

    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3841

    Untrusted search path vulnerability in KMPlayer 3.2.0.19 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ehtrace.dll that is located in the current working directory.... Read more

    Affected Products : kmplayer
    • Published: Jul. 03, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3937

    Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967.... Read more

    Affected Products : webex_recording_format_player
    • Published: Oct. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3815

    Buffer overflow in RunTime.exe in Sielco Sistemi Winlog Pro SCADA before 2.07.18 and Winlog Lite SCADA before 2.07.18 allows remote attackers to execute arbitrary code via a crafted packet to TCP port 46824. NOTE: some of these details are obtained from ... Read more

    Affected Products : winlog_lite winlog_pro
    • Published: Jun. 27, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0610

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3757

    Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.... Read more

    Affected Products : quicktime
    • Published: Nov. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3756

    Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted rnet box in an MP4 movie file.... Read more

    Affected Products : quicktime
    • Published: Nov. 09, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293970 Results