Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-2497

    The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser applicati... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2375

    Stack-based buffer overflow in Photo DVD Maker 8.02, and possibly earlier versions, allows remote attackers to execute arbitrary code via a long File_Name parameter in a .pdm file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : photo_dvd_maker
    • Published: Jul. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2363

    Stack-based buffer overflow in KUDRSOFT AudioPLUS 2.00.215 allows remote attackers to execute arbitrary code via a .pls playlist file with a playlist entry containing a long File1 argument.... Read more

    Affected Products : audioplus
    • Published: Jul. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2396

    PHP remote file inclusion vulnerability in template/album.php in DM Albums 1.9.2, as used standalone or as a WordPress plugin, allows remote attackers to execute arbitrary PHP code via a URL in the SECURITY_FILE parameter.... Read more

    Affected Products : wordpress dm_album
    • Published: Jul. 09, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2020-13533

    A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files an... Read more

    Affected Products : dream_report remote_connector
    • Published: Apr. 09, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-2386

    Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote attackers to force the download and execution of arbitrary files via the GetURL method.... Read more

    Affected Products : awakening_winds3d_viewer_plugin
    • Published: Jul. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2347

    Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-bas... Read more

    Affected Products : libtiff
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2384

    Buffer overflow in amp.exe in Brothersoft PEamp 1.02b allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3u playlist file. NOTE: some of these details are obtained from third party information.... Read more

    Affected Products : peamp
    • Published: Jul. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2223

    Directory traversal vulnerability in locms/smarty.php in LightOpenCMS 0.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the cwd parameter. NOTE: remote file inclusion attacks may be possible.... Read more

    Affected Products : lightopencms
    • Published: Jun. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2186

    Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that "was previously resolved in Shockwave... Read more

    Affected Products : shockwave_player
    • Published: Jun. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2169

    Insecure method vulnerability in the PDFVIEWER.PDFViewerCtrl.1 ActiveX control (pdfviewer.ocx) in Edraw PDF Viewer Component before 3.2.0.126 allows remote attackers to create and overwrite arbitrary files via a URL argument to the FtpConnect argument and... Read more

    Affected Products : pdf_viewer_component
    • Published: Jun. 22, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2121

    Buffer overflow in the browser kernel in Google Chrome before 2.0.172.33 allows remote HTTP servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted response.... Read more

    Affected Products : chrome
    • Published: Jun. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-2225

    Stack-based buffer overflow in SureThing CD/DVD Labeler 5.1.616 trial version allows user-assisted remote attackers to execute arbitrary code via a crafted (1) m3u or (2) pls playlist file. NOTE: the provenance of this information is unknown; the details... Read more

    Affected Products : surething_cd\/dvd_labeler
    • Published: Jun. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1917

    Microsoft Internet Explorer 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not properly handle... Read more

    • Published: Jul. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1817

    Multiple buffer overflows in DigiMode Maya 1.0.2 allow remote attackers to execute arbitrary code via a long string in a malformed (1) .m3u or (2) .m3l playlist file.... Read more

    Affected Products : maya
    • Published: May. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1860

    Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content.... Read more

    Affected Products : shockwave_player
    • Published: Jun. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1960

    inc/init.php in DokuWiki 2009-02-14, rc2009-02-06, and rc2009-01-30, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via the config_cascade[main][default][] parameter to doku.php. NOTE: PHP remote fi... Read more

    Affected Products : dokuwiki
    • Published: Jun. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1740

    Multiple heap-based buffer overflows in the D-Link MPEG4 Viewer ActiveX Control (csviewer.ocx) 2.11.918.2006 allow remote attackers to execute arbitrary code via a long argument to the (1) SetFilePath and (2) SetClientCookie methods. NOTE: the provenance... Read more

    Affected Products : mpeg4_viewer_activex_control
    • Published: May. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1708

    Apple Safari before 4.0 does not prevent calls to the open-help-anchor URL handler by web sites, which allows remote attackers to open arbitrary local help files, and execute arbitrary code or obtain sensitive information, via a crafted call.... Read more

    Affected Products : safari
    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1815

    Stack-based buffer overflow in Sonic Spot Audioactive Player 1.93b allows remote attackers to execute arbitrary code via a long string in a playlist file, as demonstrated by a long .mp3 URL in a .m3u file.... Read more

    Affected Products : audioactive_player
    • Published: May. 29, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294690 Results