Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2012-1855

    Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly handle function pointers, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP) or (2) a crafted .NET Framework application,... Read more

    • Published: Jun. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1881

    Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "OnRowsInserted Event Remote Code Execution Vulnerability."... Read more

    • Published: Jun. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1856

    The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and... Read more

    • Actively Exploited
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-1837

    Race condition in the NPObjWrapper_NewResolve function in modules/plugin/base/src/nsJSNPRuntime.cpp in xul.dll in Mozilla Firefox 3 before 3.0.11 might allow remote attackers to execute arbitrary code via a page transition during Java applet loading, rela... Read more

    • Published: Jun. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2012-1888

    Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability."... Read more

    Affected Products : visio visio_viewer
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1819

    Untrusted search path vulnerability in WellinTech KingView 6.53 allows local users to gain privileges via a Trojan horse DLL in the current working directory.... Read more

    Affected Products : kinghistorian kingview
    • Published: May. 02, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-1728

    Unspecified vulnerability in Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to the crypto.gen... Read more

    • Published: Apr. 14, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2012-1776

    Multiple heap-based buffer overflows in VideoLAN VLC media player before 2.0.1 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Real RTSP stream.... Read more

    Affected Products : vlc_media_player
    • Published: Mar. 19, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1845

    Use-after-free vulnerability in Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the DEP and ASLR protection mechanisms, and execute arbitrary code, via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at C... Read more

    Affected Products : chrome
    • Published: Mar. 22, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2195

    Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted floating-point numbers.... Read more

    • Published: Aug. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2012-1885

    Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxE... Read more

    Affected Products : office excel office_compatibility_pack
    • Published: Nov. 14, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1661

    ESRI ArcMap 9 and ArcGIS 10.0.2.3200 and earlier does not properly prompt users before executing embedded VBA macros, which allows user-assisted remote attackers to execute arbitrary VBA code via a crafted map (.mxd) file.... Read more

    Affected Products : arcgis arcmap
    • Published: Jul. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1616

    Use-after-free vulnerability in icclib before 2.13, as used by Argyll CMS before 1.4 and possibly other programs, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted ICC profile file.... Read more

    Affected Products : argyllcms icclib
    • Published: Jun. 21, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1520

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1539

    Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site, aka "CTreePos Use After Free Vulnerability."... Read more

    • Published: Nov. 14, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1527

    Integer underflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges v... Read more

    • Published: Nov. 14, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4221

    Unspecified vulnerability in Investintech.com Able2Doc and Able2Doc Professional allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted document.... Read more

    Affected Products : able2doc
    • Published: Nov. 01, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1524

    Microsoft Internet Explorer 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing a deleted object, aka "Attribute Remove Remote Code Execution Vulnerability."... Read more

    • Published: Jul. 10, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-0030

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2012-1529

    Use-after-free vulnerability in Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly initialized or (2) is deleted, aka "OnMove Use After F... Read more

    Affected Products : internet_explorer
    • Published: Sep. 21, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293947 Results