Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-0218

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0234

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4241

    Heap-based buffer overflow in RealNetworks RealPlayer 10, RealPlayer 10.5 6.0.12.1040 through 6.0.12.1741, RealPlayer 11 11.0.0 through 11.0.4, RealPlayer Enterprise, Mac RealPlayer 10 and 10.1, Linux RealPlayer 10, and Helix Player 10.x allows remote att... Read more

    • Published: Jan. 25, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0222

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0240

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-5526

    VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to a... Read more

    Affected Products : workstation
    • Published: May. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-0252

    Heap-based buffer overflow in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted STTS atoms in a QuickTime movie file.... Read more

    Affected Products : quicktime
    • Published: Aug. 04, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0192

    Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) vi... Read more

    • Published: Mar. 03, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0215

    ImageIO in Apple Safari before 5.0.6 on Windows does not properly address re-entrancy issues, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file.... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-4187

    Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-0101

    Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, aka "E... Read more

    Affected Products : excel
    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0093

    ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Data Ty... Read more

    Affected Products : visio
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0103

    Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted record information in an Excel fi... Read more

    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-4244

    Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-0107

    Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, ... Read more

    Affected Products : office
    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0092

    The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that... Read more

    Affected Products : visio
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-2408

    An issue was discovered in certain Apple products. macOS before 10.12.4 is affected. The issue involves the "IOATAFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Apr. 02, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2011-0041

    Integer overflow in gdiplus.dll in GDI+ in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted EMF image,... Read more

    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0036

    Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, relat... Read more

    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0034

    Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allo... Read more

    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294694 Results