Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2020-16874

    <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is log... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-5381

    Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be ... Read more

    Affected Products : ios
    • Published: Oct. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16947

    <p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the targeted us... Read more

    Affected Products : office 365_apps outlook
    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-1972

    Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability."... Read more

    Affected Products : visio
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-5660

    Unspecified vulnerability in the Update Service ActiveX control in isusweb.dll before 6.0.100.65101 in MacroVision FLEXnet Connect and InstallShield 2008 allows remote attackers to execute arbitrary code via an unspecified "unsafe method," possibly involv... Read more

    • Published: Nov. 02, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5755

    Multiple stack-based buffer overflows in the AOL AmpX ActiveX control in AmpX.dll 2.6.1.11 in AOL Radio allow remote attackers to execute arbitrary code via long arguments to unspecified methods.... Read more

    Affected Products : radio
    • Published: Nov. 14, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16856

    <p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is log... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-5959

    Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.10 and SeaMonkey before 1.1.7 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger memory corruption.... Read more

    Affected Products : firefox seamonkey
    • Published: Nov. 26, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-2478

    Google SketchUp before 8 does not properly handle edge geometry in SketchUp (aka .SKP) files, which allows remote attackers to execute arbitrary code via a crafted file.... Read more

    Affected Products : sketchup
    • Published: Apr. 17, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2940

    stunnel 4.40 and 4.41 might allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors.... Read more

    Affected Products : stunnel
    • Published: Aug. 25, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-5246

    Multiple heap-based buffer overflows in xine-lib before 1.1.15 allow remote attackers to execute arbitrary code via vectors that send ID3 data to the (1) id3v22_interp_frame and (2) id3v24_interp_frame functions in src/demuxers/id3.c. NOTE: the provenanc... Read more

    Affected Products : xine-lib
    • Published: Nov. 26, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16911

    <p>A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker cou... Read more

    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-3400

    Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 do not properly handle OLE objects in memory, which allows remote attackers to execute arbitrary code via a crafted object in a file, aka "OLE Property Vulnerability."... Read more

    Affected Products : windows_server_2003 windows_xp
    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0035

    Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an... Read more

    Affected Products : emacs cedet
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-0584

    icc.c in the International Color Consortium (ICC) Format library (aka icclib), as used in Ghostscript 8.64 and earlier and Argyll Color Management System (CMS) 1.0.3 and earlier, allows context-dependent attackers to cause a denial of service (application... Read more

    Affected Products : ghostscript cms
    • Published: Mar. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-2194

    Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflo... Read more

    Affected Products : vlc_media_player
    • Published: Jun. 24, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2127

    Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2128.... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2117

    Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2118

    The FLV ASSET Xtra component in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors, related to an "input validation vulnerability."... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2126

    Buffer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294276 Results