Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-1818

    The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, and other versions allows remote attackers to execute arbitrary code via the _Marshaled_pUnk attribute, which triggers unmarshalling of an untrusted pointer.... Read more

    Affected Products : quicktime
    • Published: Aug. 31, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1824

    Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari, and Google Chrome before 6.0.472.59, allows remote attackers to execute arbitrary code or cause a denial of service via vectors related to SVG styles, th... Read more

    Affected Products : chrome itunes
    • Published: Sep. 24, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1806

    Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via run-in styling in an element, related to object pointers.... Read more

    Affected Products : safari
    • Published: Sep. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1799

    Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.... Read more

    Affected Products : quicktime windows
    • Published: Aug. 16, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1819

    Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) CoreVideo.dll, (2) CoreGraphics... Read more

    Affected Products : quicktime
    • Published: Dec. 27, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1795

    Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory.... Read more

    Affected Products : itunes
    • Published: Aug. 20, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1780

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (a... Read more

    • Published: Jul. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1786

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4; and webkitgtk before 1.2.6; allows remote attackers to execute arbitrary code or cause a denial of service (a... Read more

    • Published: Jul. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2024-11957

    Improper verification of the digital signature in ksojscore.dll in Kingsoft WPS Office in versions equal or less than 12.1.0.18276 on Windows allows an attacker to load an arbitrary Windows library. The patch released in version 12.2.0.16909 to mitigate... Read more

    Affected Products : wps_office
    • Published: Mar. 04, 2025
    • Modified: Mar. 04, 2025
    • Vuln Type: Misconfiguration

  • 9.3

    HIGH
    CVE-2010-1759

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors re... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1685

    Stack-based buffer overflow in CursorArts ZipWrangler 1.20 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename.... Read more

    Affected Products : zipwrangler
    • Published: May. 04, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1688

    Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions before 3.2.21, allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) .sps or (2) zip profile.... Read more

    Affected Products : syncback
    • Published: May. 24, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1686

    Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2) ABC Backup Pro 5.20 and ABC Backup 5.50, allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP archive.... Read more

    Affected Products : abc_backup urgent_backup
    • Published: May. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-0017

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-1789

    Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a JavaSc... Read more

    • Published: Jul. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1128

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (NULL pointer dereference and memory corruption) or possibly execute arbitrary code via a crafted TrueType font... Read more

    Affected Products : freetype firefox_mobile
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1525

    Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Symantec, and other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code vi... Read more

    • Published: Aug. 17, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1508

    Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.... Read more

    Affected Products : quicktime windows
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2024-1600

    A Local File Inclusion (LFI) vulnerability exists in the parisneo/lollms-webui application, specifically within the `/personalities` route. An attacker can exploit this vulnerability by crafting a URL that includes directory traversal sequences (`../../`)... Read more

    • Published: Apr. 10, 2024
    • Modified: Jul. 09, 2025

  • 9.3

    HIGH
    CVE-2010-1424

    Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows user-assisted remote attackers to execute arbitrary code via a crafted font file.... Read more

    Affected Products : ichitaro
    • Published: Apr. 15, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 294344 Results