Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2015-8643

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe AIR SDK & Compiler befor... Read more

    • Published: Dec. 28, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-3319

    Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.... Read more

    Affected Products : webex_recording_format_player
    • Published: Oct. 27, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2950

    Heap-based buffer overflow in the GIFLZWDecompressor::GIFLZWDecompressor function in filter.vcl/lgif/decode.cxx in OpenOffice.org (OOo) before 3.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code ... Read more

    Affected Products : ubuntu_linux debian_linux openoffice
    • Published: Feb. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0193

    Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3250

    Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding.... Read more

    • Published: Oct. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4654

    poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack.... Read more

    Affected Products : debian_linux poppler
    • Published: Nov. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-3211

    The server in Bcfg2 1.1.2 and earlier, and 1.2 prerelease, allows remote attackers to execute arbitrary commands via shell metacharacters in data received from a client.... Read more

    Affected Products : bcfg2 bcfg2
    • Published: Sep. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3185

    gtkutils.c in Pidgin before 2.10.0 on Windows allows user-assisted remote attackers to execute arbitrary programs via a file: URL in a message.... Read more

    Affected Products : pidgin windows
    • Published: Aug. 29, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3249

    Buffer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with FLC encoding.... Read more

    • Published: Oct. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3141

    Buffer overflow in the InBatch BatchField ActiveX control for Invensys Wonderware InBatch 8.1 SP1, 9.0, and 9.0 SP1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.... Read more

    Affected Products : wonderware_inbatch
    • Published: Aug. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3129

    The file upload functionality in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2, when running "on hosts with dangerous security settings," has unknown impact and attack vectors, possibly related to dangerous filenames.... Read more

    Affected Products : wordpress
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-0078

    Unspecified vulnerability in an ActiveX control (dxtmsft.dll) in Microsoft Internet Explorer 5.01, 6 SP1 and SP2, and 7 allows remote attackers to execute arbitrary code via a crafted image, aka "Argument Handling Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer ie activex
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3169

    Buffer overflow in a certain ActiveX control in the EDraw Office Viewer Component (edrawofficeviewer.ocx) 4.0.5.20, and other versions before 5.0, allows remote attackers to cause a denial of service (Internet Explorer 7 crash) or execute arbitrary code v... Read more

    Affected Products : office_viewer_component
    • Published: Jun. 11, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2016-0072

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Feb. 10, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-2993

    The implementation of digital signatures for JAR files in Mozilla Firefox 4.x through 5, SeaMonkey 2.x before 2.3, and possibly other products does not prevent calls from unsigned JavaScript code to signed code, which allows remote attackers to bypass the... Read more

    Affected Products : firefox seamonkey
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-2257

    Microsoft Internet Explorer 5.01, 6, and 7 accesses uninitialized memory in certain conditions, which allows remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to a document object "appended in a specific ... Read more

    Affected Products : internet_explorer
    • Published: Aug. 13, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-2954

    Use-after-free vulnerability in the AutoUpdate feature in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbitrary code via u... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2955

    Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5, when an Embedded RealPlayer is used, allows remote attackers to execute arbi... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2950

    Heap-based buffer overflow in qcpfformat.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted QCP file.... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2962

    Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via two unspecified ActiveX controls.... Read more

    Affected Products : wonderware_information_server
    • Published: Jul. 29, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294273 Results