Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-16381

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a buffer access with an in... Read more

    • Published: Dec. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2011-1269

    Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during file pa... Read more

    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1260

    Microsoft Internet Explorer 8 and 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Layout Memory Corruption Vulnerabi... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1250

    Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Link Properties Handling Memor... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1213

    Integer underflow in lzhsr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted header in a .lzh attachment that triggers a stack-based buffer overflow, aka SPR PRAD88MJ2W.... Read more

    Affected Products : lotus_notes
    • Published: May. 31, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1207

    The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX controls, as distributed in ActBar.ocx 1.0.6.5 in IBM Rational System Architect 11.4.0.2, 11.4.0.1, and earlier, does not properly restrict the SetLayoutData method, which allows remote... Read more

    Affected Products : rational_system_architect
    • Published: May. 05, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-5101

    Buffer overflow in the BMP reader in OptiPNG 0.6 and 0.6.1 allows user-assisted attackers to execute arbitrary code via a crafted BMP image, related to an "array overflow."... Read more

    Affected Products : optipng
    • Published: Nov. 17, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-1217

    Buffer overflow in kpprzrdr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via a crafted .prz attachment. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : lotus_notes notes
    • Published: May. 31, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1251

    Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "DOM Manipulation Memory Corruption Vulne... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-4334

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.... Read more

    Affected Products : mac_os_x
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-1216

    Stack-based buffer overflow in assr.dll in Autonomy KeyView, as used in IBM Lotus Notes before 8.5.2 FP3, allows remote attackers to execute arbitrary code via crafted tag data in an Applix spreadsheet attachment, aka SPR PRAD8823A7.... Read more

    Affected Products : lotus_notes
    • Published: May. 31, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4337

    Foxit Reader before 5.3 on Windows XP and Windows 7 allows remote attackers to execute arbitrary code via a PDF document with a crafted attachment that triggers calculation of a negative number during processing of cross references.... Read more

    Affected Products : windows_7 windows_xp foxit_reader reader
    • Published: Aug. 23, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1065

    Multiple stack-based buffer overflows in the PIPIWebPlayer ActiveX control (PIWebPlayer.ocx) in PIPI Player 2.8.0.0 allow remote attackers to execute arbitrary code via long arguments to the (1) PlayURL or (2) PlayURLWithLocalPlayer methods.... Read more

    Affected Products : pipi_player
    • Published: Feb. 23, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-1887

    Python 2.5.2 and earlier allows context-dependent attackers to execute arbitrary code via multiple vectors that cause a negative size value to be provided to the PyString_FromStringAndSize function, which allocates less memory than expected when assert() ... Read more

    Affected Products : ubuntu_linux debian_linux python
    • Published: Apr. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-2962

    Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable type confusion vulnerability in the XSLT engine related to localization functionality. Successful exploitation could lead to arbitrar... Read more

    • Published: Jan. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-3042

    Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable heap overflow vulnerability in image conversion, related to parsing offsets in TIFF files. Successful exploitation could lead to arbi... Read more

    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    CRITICAL
    CVE-2011-10026

    Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the API's search functionality. Improper input sanitation allows attackers to inject arbitrary shell commands via the search[instance_eval] parameter, which is dyna... Read more

    Affected Products :
    • Published: Aug. 20, 2025
    • Modified: Aug. 22, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2015-6087

    Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6093

    Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to exec... Read more

    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-0978

    Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code v... Read more

    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294299 Results