Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-0403

    Untrusted search path vulnerability in ImgBurn.exe in ImgBurn 2.4.0.0, 2.5.4.0, and other versions allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located... Read more

    Affected Products : imgburn
    • Published: Jan. 11, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3239

    Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Extra Out of Boundary Record Parsing Vulnerability."... Read more

    Affected Products : excel
    • Published: Oct. 13, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3147

    Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain ... Read more

    • Published: Aug. 27, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3628

    Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-20... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 06, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-3388

    liboggplay in Mozilla Firefox 3.5.x before 3.5.6 and SeaMonkey before 2.0.1 might allow context-dependent attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors, related to "memory safety issues."... Read more

    Affected Products : firefox seamonkey
    • Published: Dec. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-0341

    Stack-based buffer overflow in the pdfmoz_onmouse function in apps/mozilla/moz_main.c in the MuPDF plug-in 2008.09.02 for Firefox allows remote attackers to execute arbitrary code via a crafted web site.... Read more

    Affected Products : firefox mupdf
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3965

    Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows local users to gain privileges via a Trojan horse DLL in th... Read more

    • Published: Dec. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0335

    Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-201... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0320

    Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-201... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-12865

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-0332

    Integer overflow in Foxit Reader before 4.3.1.0218 and Foxit Phantom before 2.3.3.1112 allows remote attackers to execute arbitrary code via crafted ICC chunks in a PDF file, which triggers a heap-based buffer overflow.... Read more

    Affected Products : foxit_reader foxit_phantom
    • Published: Feb. 25, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0331

    Use-after-free vulnerability in the addOSPLext method in the Honeywell ScanServer ActiveX control 780.0.20.5 allows remote attackers to execute arbitrary code via a crafted HTML document.... Read more

    Affected Products : scanserver_activex_control
    • Published: Mar. 22, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0386

    The XML-RPC implementation on Cisco TelePresence Recording Server devices with software 1.6.x and 1.7.x before 1.7.1 allows remote attackers to overwrite files and consequently execute arbitrary code via a malformed request, aka Bug ID CSCti50739.... Read more

    • Published: Feb. 25, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0319

    Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0320, CVE-201... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0324

    Multiple heap-based buffer overflows in Topaz Systems SigPlus Pro ActiveX Control 3.95, and possibly other versions before 4.29, allow remote attackers to execute arbitrary code via a long (1) KeyString property, (2) NewPath parameter to the SetLocalIniFi... Read more

    Affected Products : sigplus_pro_activex_control
    • Published: Feb. 07, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0317

    Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0318, CVE-2011-0319, CVE-2011-0320, CVE-201... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0318

    Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0319, CVE-2011-0320, CVE-201... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-3855

    Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, ... Read more

    Affected Products : tivoli_storage_manager
    • Published: Nov. 04, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-4381

    Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, and Mac RealPlayer 11.0 through 12.0.0.1444 allows remote attackers to have an unspecified impact via a crafted AAC file... Read more

    Affected Products : realplayer mac_os_x realplayer_sp
    • Published: Dec. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0346

    Use-after-free vulnerability in the ReleaseInterface function in MSHTML.DLL in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the DOM implem... Read more

    • Published: Jan. 07, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294423 Results