Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-3128

    Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView Memo... Read more

    • Published: Nov. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2934

    Multiple stack-based buffer overflows in xaudio.dll in Programmed Integration PIPL 2.5.0 and 2.5.0D allow remote attackers to execute arbitrary code via a long string in a (1) .pls or (2) .pl playlist file.... Read more

    Affected Products : pipl
    • Published: Aug. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3058

    Stack-based buffer overflow in akPlayer 1.9.0 allows remote attackers to execute arbitrary code via a long string in a .plt playlist file.... Read more

    Affected Products : akplayer
    • Published: Sep. 03, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2993

    The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2896

    Buffer overflow in KMplayer 2.9.4.1433 and earlier allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a subtitle (.srt) playlist file. NOTE: some of these details are obtained from third... Read more

    Affected Products : kmplayer
    • Published: Aug. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2878

    Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and... Read more

    Affected Products : webex
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2990

    Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2946

    Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages.... Read more

    Affected Products : devscripts linux
    • Published: Sep. 04, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2880

    Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a d... Read more

    Affected Products : webex
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2798

    Heap-based buffer overflow in Apple QuickTime before 7.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted FlashPix file.... Read more

    Affected Products : quicktime
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2819

    AFP Client in Apple Mac OS X 10.5.8 allows remote AFP servers to execute arbitrary code or cause a denial of service (memory corruption and system crash) via unspecified vectors.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2784

    Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path parameter to index.php in (1) install/, (2) menus/left_rights... Read more

    Affected Products : dit.cms
    • Published: Aug. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2877

    Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows re... Read more

    Affected Products : webex
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2981

    Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2627

    Insecure method vulnerability in the Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in acerctrl.ocx allows remote attackers to execute arbitrary commands via the Run method, a different vulnerability than CVE-2006-6121.... Read more

    Affected Products : lunchapp.aplunch
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2628

    The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not prope... Read more

    Affected Products : player workstation ace movie_decoder
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2646

    Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote... Read more

    • Published: Jul. 30, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2582

    Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2... Read more

    Affected Products : download_manager
    • Published: Jul. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2530

    Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2643

    Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote a... Read more

    • Published: Jul. 28, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294423 Results