Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2020-13958

    A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. These hyperlinks can be triggered unconditionally. In fixed versions no intern... Read more

    Affected Products : openoffice
    • Published: Nov. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-4756

    Stack-based buffer overflow in TraktorBeatport.exe 1.0.0.283 in Beatport Player 1.0.0.0 allows remote attackers to execute arbitrary code via a long string in a malformed playlist (.m3u) file.... Read more

    Affected Products : beatport_player
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4676

    Stack-based buffer overflow in JetCast.exe 2.0.4.1109 in jetAudio 7.5.2 and 7.5.3.15 allows remote attackers to execute arbitrary code via a long title in a FLAC file. NOTE: the provenance of this information is unknown; the details are obtained solely f... Read more

    Affected Products : jetaudio jetaudio
    • Published: Mar. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4631

    Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption.... Read more

    Affected Products : ffmpeg
    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-16372

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This issue is due to untrusted pointer dereference in the... Read more

    • Published: Dec. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-4502

    The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.li... Read more

    Affected Products : solaris freebsd zabbix
    • Published: Dec. 31, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4480

    Buffer overflow in the web service in AzeoTech DAQFactory 5.77 might allow remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.16 through 8.11. NOTE: as of 20091229, thi... Read more

    Affected Products : daqfactory
    • Published: Dec. 30, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-4253

    Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file in an ODF or Microsoft Office document,... Read more

    Affected Products : ubuntu_linux debian_linux openoffice
    • Published: Jan. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2007-5209

    Stack-based buffer overflow in DriveLock.exe in CenterTools DriveLock 5.0 allows remote attackers to execute arbitrary code via a long HTTP request to TCP port 6061. NOTE: the provenance of this information is unknown; the details are obtained solely fro... Read more

    Affected Products : drivelock
    • Published: Oct. 04, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4376

    Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.... Read more

    Affected Products : wireshark
    • Published: Dec. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-4374

    Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : macos acrobat windows reader unix
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-0283

    Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Feb. 12, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4313

    ir32_32.dll 3.24.15.3 in the Indeo32 codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to cause a denial of service (heap corruption) or execute arbitrary code via malformed data in a stream in a media file, ... Read more

    • Published: Dec. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4309

    Heap-based buffer overflow in the Intel Indeo41 codec for Windows Media Player in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a large size value in a movi record in an IV41 stream i... Read more

    • Published: Dec. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4311

    Unspecified vulnerability in the Indeo codec in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via crafted media content, as reported to Microsoft by Paul Byrne of NGS Software. NOTE: thi... Read more

    • Published: Dec. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-3643

    Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) vi... Read more

    • Published: Nov. 07, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2008-3632

    Use-after-free vulnerability in WebKit in Apple iPod touch 1.1 through 2.0.2, and iPhone 1.0 through 2.0.2, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a web page with crafted Cascading Style Shee... Read more

    Affected Products : iphone_os iphone ipod_touch
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4292

    Buffer overflow in the URL filtering function in Internet Initiative Japan SEIL/X1, SEIL/X2, and SEIL/B1 firmware 2.40 through 2.51 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3005

    Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vuln... Read more

    Affected Products : office
    • Published: Aug. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4265

    Stack-based buffer overflow in Ideal Administration 2009 9.7.1, and possibly other versions, allows remote attackers to execute arbitrary code via a long Computer value in an .ipj project file.... Read more

    Affected Products : ideal_administration_2009
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294337 Results