Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-0146

    The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execu... Read more

    • Actively Exploited
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2011-1699

    Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url.... Read more

    Affected Products : iprint
    • Published: Jun. 09, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1645

    The web management interface on the Cisco RVS4000 Gigabit Security Router with software 1.x before 1.3.3.4 and 2.x before 2.0.2.7, and the WRVS4400N Gigabit Security Router with software before 2.0.2.1, allows remote attackers to read the backup configura... Read more

    • Published: May. 31, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-16039

    Use after free in extensions in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome
    • Published: Jan. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-0626

    Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors, related to a "bounds checking" issue, a different vulnerability than CVE-2... Read more

    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1560

    solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value.... Read more

    Affected Products : soliddb
    • Published: Apr. 05, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1512

    Heap-based buffer overflow in xlssr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a malformed BIFF record in a .xls Excel spreadsheet attachment, aka SPR PRAD8E3HKR.... Read more

    Affected Products : lotus_notes keyview
    • Published: May. 31, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1508

    Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Function Pointer Over... Read more

    Affected Products : publisher
    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1153

    A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-1426

    The OpenURLInDefaultBrowser method in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.2, and RealPlayer SP 1.0 through 1.1.5, launches a default handler for the filename specified in the first argument, which allows remote attackers to e... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-1032

    Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • Published: Apr. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2005-4867

    Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.... Read more

    Affected Products : db2_universal_database
    • Published: Dec. 31, 2005
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2011-1392

    The Blueberry FlashBack ActiveX control in BB FlashBack Recorder.dll in Blueberry BB FlashBack, as used in IBM Rational Rhapsody before 7.6.1 and other products, does not properly implement the (1) Start, (2) PauseAndSave, (3) InsertMarker, and (4) Insert... Read more

    Affected Products : bb_flashback rational_rhapsody
    • Published: Dec. 23, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1462

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-3922

    awstatstotals.php in AWStats Totals 1.0 through 1.14 allows remote attackers to execute arbitrary code via PHP sequences in the sort parameter, which is used by the multisort function when dynamically creating an anonymous PHP function.... Read more

    Affected Products : awstats_totals
    • Published: Sep. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-1346

    Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Stephen Fewer as the second of three chained vulnerabilities during a Pwn2Own competition at ... Read more

    Affected Products : windows_7 internet_explorer
    • Published: Mar. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1331

    JustSystems Ichitaro 2005 through 2011, Ichitaro Government 6, Ichitaro Government 2006 through 2010, Ichitaro Portable, Ichitaro Pro, and Ichitaro Viewer allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruptio... Read more

    • Published: Jul. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1374

    Buffer overflow in Apple QuickTime before 7.7.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted REGION record in a PICT file.... Read more

    Affected Products : quicktime
    • Published: Nov. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1336

    Buffer overflow in ALZip 8.21 and earlier allows remote attackers to execute arbitrary code via a crafted mim file.... Read more

    Affected Products : alzip
    • Published: Jul. 07, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-2506

    Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file... Read more

    • Published: Dec. 09, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294116 Results