Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-0555

    Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML local files as HTML documents, which allows remote attackers to bypass intended access restrictions and read arbitrary files via vectors involving the product'... Read more

    • Published: Feb. 04, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0599

    Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt XML RPC sessions from operat... Read more

    • Published: May. 27, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0598

    Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not encrypt HTTP sessions from operator ... Read more

    • Published: May. 27, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1225

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.... Read more

    Affected Products : office 365_apps excel
    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0529

    Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PICT image with a BkPixPat opcode (0x12) containing crafted val... Read more

    • Published: Mar. 31, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0527

    Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image.... Read more

    • Published: Mar. 31, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0620

    Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an ... Read more

    Affected Products : homebase_server
    • Published: Feb. 25, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-8575

    A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory, aka "Microsoft Project Remote Code Execution Vulnerability." This affects Microsoft Project, Office 365 ProPlus, Microsoft Proje... Read more

    • Published: Nov. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0486

    The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 doe... Read more

    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-1658

    Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-1706... Read more

    Affected Products : internet_explorer
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-0487

    The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Extension 5.1, 6.0, and 6.1 in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server ... Read more

    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0480

    Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allow remote attackers to execute arbitrary code via a crafted AV... Read more

    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0491

    Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote attackers to execute arbitrary code by changing unspecified properties of an HTML object that has an onreadystatechange event handler, aka "HTML Object Memory... Read more

    • Published: Mar. 31, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-1710

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-0492

    Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "... Read more

    • Published: Mar. 31, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0512

    The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access re... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Mar. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-35989

    Adobe Bridge version 11.0.2 (and earlier) is affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the cu... Read more

    Affected Products : windows bridge
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0395

    OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro security restrictions and execute arbitrary Python code via a crafted OpenDocument Text (ODT) file that triggers code execution when the macro directory s... Read more

    • Published: Jun. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-36046

    XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.... Read more

    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-36050

    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted f... Read more

    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 294319 Results