Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2012-0371

    Cisco Wireless LAN Controller (WLC) devices with software 4.x, 5.x, 6.0, and 7.0 before 7.0.220.4, when CPU-based ACLs are enabled, allow remote attackers to read or modify the configuration via unspecified vectors, aka Bug ID CSCtu56709.... Read more

    • Published: Mar. 01, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0358

    Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26... Read more

    • Published: Mar. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1504

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If... Read more

    Affected Products : excel
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0315

    Untrusted search path vulnerability in ALFTP before 5.31 allows local users to gain privileges via a Trojan horse executable file in a directory that is accessed for reading an extensionless file, as demonstrated by executing the README.exe file when a us... Read more

    Affected Products : alftp
    • Published: Feb. 22, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-2524

    Microsoft Office 2007 SP2 and SP3 and 2010 SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Computer Graphics Metafile (CGM) file, aka "CGM File Format Memory Corruption Vulnerability."... Read more

    Affected Products : office
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0284

    Stack-based buffer overflow in the SetSource method in the Cisco Linksys PlayerPT ActiveX control 1.0.0.15 in PlayerPT.ocx on the Cisco WVC200 Wireless-G PTZ Internet video camera allows remote attackers to execute arbitrary code via a long URL in the fir... Read more

    • Published: Jul. 19, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0266

    Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafte... Read more

    Affected Products : office outlook
    • Published: Jul. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1416

    An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.... Read more

    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1421

    A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remo... Read more

    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0190

    Unspecified vulnerability in the Render method in the ExportHTML.ocx ActiveX control in ExportHTML.dll in IBM SPSS Dimensions 5.5 and SPSS Data Collection 5.6, 6.0, and 6.0.1 allows remote attackers to execute arbitrary code via a crafted HTML document.... Read more

    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0223

    Untrusted search path vulnerability in 7-Technologies (7T) TERMIS 2.10 and earlier allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different vulnerability than CVE-2012-0224.... Read more

    Affected Products : termis
    • Published: Feb. 22, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0189

    Multiple unspecified vulnerabilities in the (1) PrintFile and (2) SaveDoc methods in the VsVIEW6 ActiveX control in VsVIEW6.ocx in IBM SPSS SamplePower 3.0 allow remote attackers to execute arbitrary code via a crafted HTML document.... Read more

    Affected Products : spss_samplepower
    • Published: Jan. 18, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0201

    Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long profile string in a WorkStation (aka .ws) file.... Read more

    Affected Products : personal_communications
    • Published: Mar. 02, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0176

    Double free vulnerability in Microsoft Silverlight 4 before 4.1.10329 on Windows allows remote attackers to execute arbitrary code via vectors involving crafted XAML glyphs, aka "Silverlight Double-Free Vulnerability."... Read more

    Affected Products : silverlight
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0177

    Heap-based buffer overflow in the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6-9 File Converter allows remote attackers to execute arbitrary code via a crafted Works (aka .wps) file, aka "Office WPS Converter Heap Overflo... Read more

    Affected Products : office works works_6-9_file_converter
    • Published: Apr. 10, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1409

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.... Read more

    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0175

    The Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted name for a (1) file or (2) direc... Read more

    • Published: Jul. 10, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0167

    Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability."... Read more

    Affected Products : office
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0159

    Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4... Read more

    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0192

    Multiple integer overflows in vclmi.dll in the visual class library module in IBM Lotus Symphony before 3.0.1 might allow remote attackers to execute arbitrary code via an embedded (1) JPEG or (2) PNG image object in a Symphony document that triggers a he... Read more

    Affected Products : lotus_symphony
    • Published: Jan. 23, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 294072 Results