Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-0176

    Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 do not properly manage reference counts for option elements in a XUL tree optgroup, which might allow remote attackers to execu... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Apr. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-15126

    A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be remo... Read more

    Affected Products : linux_kernel
    • Published: Jan. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0165

    The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary c... Read more

    Affected Products : firefox
    • Published: Mar. 25, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0130

    Integer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via a crafted .dir (aka Director) file.... Read more

    Affected Products : macos windows shockwave_player
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0127

    Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file.... Read more

    Affected Products : macos windows shockwave_player
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0129

    Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error.... Read more

    Affected Products : macos windows shockwave_player
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0131

    Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy KeyView 10.4 and 10.9, Symantec Mail Security, and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related ... Read more

    • Published: Aug. 17, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4573

    The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly configure the SFCB authentication mode, which allows remote attackers to obtain access via an arbitrary username and password.... Read more

    Affected Products : esxi esxi
    • Published: Dec. 22, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0116

    Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows might allow remote attackers to execute arbitrary code via a crafted QCP file that triggers a heap-based buffer overflow.... Read more

    Affected Products : realplayer windows realplayer_sp
    • Published: Aug. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0107

    Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet Security, AntiVirus, SystemWorks, and Confidential 2006 through 2008; and Symantec Client Security 3.0.x before 3.1 MR9, and 3.1.x before MR9; allows remote... Read more

    • Published: Feb. 23, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-40752

    Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is re... Read more

    Affected Products : windows after_effects
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-0135

    Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), as used in Autonomy KeyView 10.4 and 10.9 and possibly other products, allows remote attackers to execute arbitrary code via unspecified vectors related to "data blocks."... Read more

    • Published: Aug. 17, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-0086

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different ... Read more

    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2020-26968

    Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This v... Read more

    Affected Products : firefox firefox_esr thunderbird
    • Published: Dec. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-4575

    HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."... Read more

    Affected Products : openoffice
    • Published: Dec. 06, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-0046

    The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted format arguments.... Read more

    Affected Products : safari
    • Published: Mar. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0047

    Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "HTML object element fallback content."... Read more

    Affected Products : safari
    • Published: Mar. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0030

    Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint LinkedSlideAtom Heap Overflow Vulnerability."... Read more

    Affected Products : powerpoint
    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0043

    ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image.... Read more

    Affected Products : safari windows
    • Published: Mar. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0029

    Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint File Path Handling Buffer Overflow Vulnerability."... Read more

    Affected Products : powerpoint
    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 294714 Results