Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-2784

    Multiple directory traversal vulnerabilities in dit.cms 1.3, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the path parameter to index.php in (1) install/, (2) menus/left_rights... Read more

    Affected Products : dit.cms
    • Published: Aug. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2877

    Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows re... Read more

    Affected Products : webex
    • Published: Dec. 18, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2981

    Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Oct. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2627

    Insecure method vulnerability in the Acer LunchApp (aka AcerCtrls.APlunch) ActiveX control in acerctrl.ocx allows remote attackers to execute arbitrary commands via the Run method, a different vulnerability than CVE-2006-6121.... Read more

    Affected Products : lunchapp.aplunch
    • Published: Aug. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2628

    The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not prope... Read more

    Affected Products : player workstation ace movie_decoder
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2646

    Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4 allow user-assisted remote... Read more

    • Published: Jul. 30, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2582

    Stack-based buffer overflow in manager.exe in Akamai Download Manager (aka DLM or dlmanager) before 2.2.4.8 allows remote web servers to execute arbitrary code via a malformed HTTP response during a Redswoosh download, a different vulnerability than CVE-2... Read more

    Affected Products : download_manager
    • Published: Jul. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2530

    Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2643

    Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 5.0 and BlackBerry Professional Software 4.1.4 allow user-assisted remote a... Read more

    • Published: Jul. 28, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2519

    The DHTML Editing Component ActiveX control in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 does not properly format HTML markup, which allows remote attackers to execute arbitrary code via a crafted web site that triggers "system state... Read more

    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2496

    Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Interne... Read more

    • Published: Aug. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2550

    Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .hpl playlist file.... Read more

    Affected Products : hamster_audio_player
    • Published: Jul. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2498

    Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf,... Read more

    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2503

    GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2501

    Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold a... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2403

    Heap-based buffer overflow in SCMPX 1.5.1 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long string in a .m3u playlist file.... Read more

    Affected Products : scmpx
    • Published: Jul. 09, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2497

    The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser applicati... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2375

    Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : photo_dvd_maker
    • Published: Jul. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2363

    Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.... Read more

    Affected Products : audioplus
    • Published: Jul. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2396

    PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.... Read more

    Affected Products : wordpress dm_album
    • Published: Jul. 09, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294510 Results