Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-4101

    infoRSS 1.1.4.2 and earlier extension for Firefox performs certain operations with chrome privileges, which allows remote attackers to execute arbitrary commands and perform cross-domain scripting attacks via the description tag of an RSS feed.... Read more

    Affected Products : firefox inforss
    • Published: Nov. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4127

    Unspecified vulnerability in Wikipedia Toolbar extension before 0.5.9.2 for Firefox allows user-assisted remote attackers to execute arbitrary JavaScript with Chrome privileges via vectors involving unspecified Toolbar buttons and the eval function. NOTE... Read more

    Affected Products : firefox wikipedia_toolbar
    • Published: Dec. 02, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4103

    Buffer overflow in Robo-FTP 3.6.17, and possibly other versions, allows remote FTP servers to cause a denial of service and possibly execute arbitrary code via unspecified FTP server responses. NOTE: the provenance of this information is unknown; the det... Read more

    Affected Products : robo-ftp
    • Published: Nov. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-11815

    An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.... Read more

    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-0999

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler b... Read more

    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-4405

    IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference) via an application that provides crafted key-mapping properties.... Read more

    Affected Products : mac_os_x iphone_os tvos
    • Published: Sep. 18, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2009-0556

    Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3, and PowerPoint in Microsoft Office 2004 for Mac, allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineTextRefAtom containing an an invalid index value that tri... Read more

    Affected Products : powerpoint office_powerpoint
    • Published: Apr. 03, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4844

    Use-after-free vulnerability in the CRecordInstance::TransferToDestination function in mshtml.dll in Microsoft Internet Explorer 5.01, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via DSO bindings involving (1) an XML Island, (2) XML ... Read more

    Affected Products : internet_explorer
    • Published: Dec. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4035

    The FoFiType1::parse function in fofi/FoFiType1.cc in Xpdf 3.0.0, gpdf 2.8.2, kpdf in kdegraphics 3.3.1, and possibly other libraries and versions, does not check the return value of the getNextLine function, which allows context-dependent attackers to ex... Read more

    Affected Products : xpdf gpdf kdegraphics kpdf
    • Published: Dec. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3976

    Buffer overflow in Labtam ProFTP 2.9 allows remote FTP servers to cause a denial of service (application crash) or execute arbitrary code via a long 220 reply (aka connection greeting or welcome message).... Read more

    Affected Products : proftp
    • Published: Nov. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-4001

    Integer overflow in XnView before 1.97.2 might allow remote attackers to execute arbitrary code via a DICOM image with crafted dimensions, leading to a heap-based buffer overflow.... Read more

    Affected Products : xnview
    • Published: Mar. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1408

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.... Read more

    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-3969

    Stack-based buffer overflow in Faslo Player 7.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a .m3u playlist file.... Read more

    Affected Products : faslo_player
    • Published: Nov. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3932

    The Gears plugin in Google Chrome before 3.0.195.32 allows user-assisted remote attackers to cause a denial of service (memory corruption and plugin crash) or possibly execute arbitrary code via unspecified use of the Gears SQL API, related to putting "SQ... Read more

    Affected Products : chrome
    • Published: Nov. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-2645

    Integer overflow in the exif_data_load_data_entry function in exif-data.c in libexif before 0.6.14 allows user-assisted remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted EXIF data, involving the (1) doff ... Read more

    Affected Products : libexif
    • Published: May. 14, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3924

    Buffer overflow in pbsv.dll, as used in Soldier of Fortune II and possibly other applications when Even Balance PunkBuster 1.728 or earlier is enabled, allows remote attackers to cause a denial of service (application server crash) and possibly execute ar... Read more

    Affected Products : soldier_of_fortune_2 punkbuster
    • Published: Nov. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3930

    Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.... Read more

    Affected Products : file file
    • Published: Nov. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2010-0262

    Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers access of an uninitialized stack variable, aka "Mi... Read more

    • Published: Mar. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-3859

    Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .rws file with a long RWS010 e... Read more

    • Published: Nov. 04, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3799

    Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory ... Read more

    Affected Products : flash_player adobe_air
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294423 Results