Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-3413

    Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corru... Read more

    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-2393

    The design of QuickTime for Java in Apple Quicktime before 7.2 allows remote attackers to bypass certain security controls and write to process memory via Java applets, possibly leading to arbitrary code execution.... Read more

    Affected Products : quicktime
    • Published: Jul. 15, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-3410

    Array index error in Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Out-of-bounds Array Index Vulnera... Read more

    Affected Products : publisher
    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3000

    Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows allow remote attackers to execute arbitrary code via crafted (1) HX_FLV_META_AMF_TYPE_MIXEDARRAY or (2) H... Read more

    Affected Products : realplayer windows realplayer_sp
    • Published: Aug. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3401

    ENCDEC.DLL in Windows Media Player and Media Center in Microsoft Windows XP SP2 and SP3, Windows Vista SP2, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted .dvr-ms file, aka "Windows Media Player DVR-MS Memory Co... Read more

    Affected Products : windows_7 windows_vista windows_xp
    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4391

    Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.1.2 and 2.1.3 allows remote attackers to execute arbitrary code via a crafted value in an unspecified header field in an ... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Dec. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3360

    Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.... Read more

    Affected Products : wireshark
    • Published: Sep. 20, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2237

    Heap-based buffer overflow in OpenOffice.org (OOo) 2.x before 2.4.2 allows remote attackers to execute arbitrary code via a crafted WMF file associated with a StarOffice/StarSuite document.... Read more

    Affected Products : openoffice.org
    • Published: Oct. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-8643

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler befor... Read more

    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-3319

    Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.... Read more

    Affected Products : webex_recording_format_player
    • Published: Oct. 27, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2950

    Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code ... Read more

    Affected Products : ubuntu_linux debian_linux openoffice
    • Published: Feb. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0193

    Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3250

    Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.... Read more

    • Published: Oct. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4654

    poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.... Read more

    Affected Products : debian_linux poppler
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-3211

    The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client.... Read more

    Affected Products : bcfg2 bcfg2
    • Published: Sep. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3185

    gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.... Read more

    Affected Products : pidgin windows
    • Published: Aug. 29, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3249

    Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.... Read more

    • Published: Oct. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3141

    Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.... Read more

    Affected Products : wonderware_inbatch
    • Published: Aug. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3129

    The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.... Read more

    Affected Products : wordpress
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-0078

    Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer ie activex
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 294264 Results