Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-0018

    Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote ... Read more

    • Published: Jan. 13, 2010
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2014-6503

    Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE... Read more

    Affected Products : jdk jre
    • Published: Oct. 15, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-0027

    The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers ... Read more

    • Published: Jan. 22, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-5118

    Untrusted search path vulnerability in McAfee VirusScan Enterprise before 8.7i allows local users to gain privileges via a Trojan horse DLL in an unspecified directory, as demonstrated by scanning a document located on a remote share.... Read more

    Affected Products : virusscan_enterprise
    • Published: Aug. 22, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4962

    Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : fat_player
    • Published: Jul. 28, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-30934

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution... Read more

    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-16406

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion vul... Read more

    • Published: Dec. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-4863

    Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file.... Read more

    Affected Products : ultraplayer_media_player
    • Published: May. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-42532

    XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must ope... Read more

    • Published: May. 02, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-4840

    Heap-based buffer overflow in the IAManager ActiveX control in IAManager.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the SetIAPlayerName method.... Read more

    Affected Products : cineplayer
    • Published: May. 06, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0633

    Buffer overflow in Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allow... Read more

    • Published: Feb. 08, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-0042

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-4776

    Buffer overflow in Hitachi Cosminexus V4 through V8, Processing Kit for XML, and Developer's Kit for Java, as used in products such as uCosminexus, Electronic Form Workflow, Groupmax, and IBM XL C/C++ Enterprise Edition 7 and 8, allows remote attackers to... Read more

    • Published: Apr. 21, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-16391

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is ... Read more

    • Published: Dec. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-4764

    Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document.... Read more

    Affected Products : acrobat_reader windows
    • Published: Apr. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4768

    Unspecified vulnerability in the JASS script interpreter in Warcraft III: The Frozen Throne 1.24b and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted custom map. NOTE: some of these details are obtained from third pa... Read more

    Affected Products : warcraft_3_the_frozen_throne
    • Published: Apr. 20, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1397

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors re... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1399

    WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, accesses uninitialized memory during a selection change on a form input element, which allows remote attackers to execute arbitrary code or cause... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3326

    Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitiali... Read more

    • Published: Oct. 13, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-4758

    Stack-based buffer overflow in dicas Mpegable Player 2.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .YUV file.... Read more

    Affected Products : mpegable_player
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 294714 Results