Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2020-1248

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.... Read more

    Affected Products : windows_10 windows_server_2016
    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-12861

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-5165

    Stack-based buffer overflow in Free MP3 CD Ripper 1.1, 2.6 and earlier, when converting a file, allows user-assisted remote attackers to execute arbitrary code via a crafted .wav file.... Read more

    Affected Products : free_mp3_cd_ripper
    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-5170

    Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 allows remote attackers to execute arbitrary code via a long track name in an m3u playlist.... Read more

    Affected Products : ccmplayer
    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-5171

    Multiple stack-based buffer overflows in CyberLink Power2Go 7 (build 196) and 8 (build 1031) allow remote attackers to execute arbitrary code via the (1) src and (2) name parameters in a p2g project file.... Read more

    Affected Products : power2go
    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-5164

    Stack-based buffer overflow in VanDyke Software AbsoluteFTP 1.9.6 through 2.2.10 allows remote FTP servers to execute arbitrary code via a crafted file name in a LIST command response.... Read more

    Affected Products : absoluteftp
    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-5167

    Heap-based buffer overflow in the SetDevNames method of the Tidestone Formula One ActiveX control (TTF16.ocx) 6.3.5 Build 1 in Oracle Hyperion Strategic Finance 12.x and possibly earlier allows remote attackers to execute arbitrary code via a long string ... Read more

    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0571

    Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-... Read more

    Affected Products : flash_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1319

    <p>A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-5162

    Stack-based buffer overflow in GOM Player 2.1.33.5071 allows user-assisted remote attackers to execute arbitrary code via a .ASX file with a long URI in the "ref href" tag. NOTE: this issue exists because of a CVE-2007-0707 regression.... Read more

    Affected Products : gom_player
    • Published: Sep. 15, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2430

    Adobe Flash Player before 10.3.183.10 on Windows, Mac OS X, Linux, and Solaris, and before 10.3.186.7 on Android, allows remote attackers to execute arbitrary code via crafted streaming media, related to a "logic error vulnerability."... Read more

    • Published: Sep. 22, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-5046

    The Graphics Device Interface (GDI) in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate us... Read more

    • Published: Dec. 30, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1240

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.... Read more

    Affected Products : 365_apps
    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1208

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1236.... Read more

    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-4856

    The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 sends incorrect Content-Type headers for certain resources, which might allow remote attackers to have an unspecified impact by leveraging an interpretation conflict involving admin/health... Read more

    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1192

    A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-... Read more

    Affected Products : visual_studio_code python
    • Published: May. 21, 2020
    • Modified: Jul. 08, 2025

  • 9.3

    HIGH
    CVE-2011-4851

    The Control Panel in Parallels Plesk Panel 10.4.4_build20111103.18 generates a password form field without disabling the autocomplete feature, which makes it easier for remote attackers to bypass authentication by leveraging an unattended workstation, as ... Read more

    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4787

    A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than... Read more

    Affected Products : easy_printer_care_software
    • Published: Jan. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1175

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1176.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1167

    <p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p> <p>To exploit the vulnera... Read more

    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294125 Results