Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-1586

    Stack-based buffer overflow in the NZB importer feature in GrabIt 1.7.2 Beta 3 and earlier allows remote attackers to execute arbitrary code via a crafted DTD reference in a DOCTYPE element in an NZB file.... Read more

    Affected Products : grabit
    • Published: May. 07, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1612

    Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May ... Read more

    Affected Products : storm
    • Published: May. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1600

    Apple Safari executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on acce... Read more

    Affected Products : safari acrobat_reader
    • Published: May. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1565

    vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, al... Read more

    • Published: Apr. 12, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-1539

    The QuickTime Movie Parser Filter in quartz.dll in DirectShow in Microsoft DirectX 7.0 through 9.0c on Windows 2000 SP4, Windows XP SP2 and SP3, and Windows Server 2003 SP2 does not properly validate unspecified size fields in QuickTime media files, which... Read more

    • Published: Jul. 15, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1533

    Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers m... Read more

    Affected Products : office works office_xp
    • Published: Jun. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1370

    Stack-based buffer overflow in ape_plugin.plg in Xilisoft Video Converter 3.1.53.0704n and 5.1.23.0402 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in a .cue file.... Read more

    Affected Products : xilisoft_video_converter
    • Published: Apr. 22, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1351

    Heap-based buffer overflow in Apollo 37zz allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long URI in a playlist (.m3u) file.... Read more

    Affected Products : apollo
    • Published: Apr. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1431

    XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Ed... Read more

    • Published: Apr. 29, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1324

    Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.... Read more

    Affected Products : asx_to_mp3_converter
    • Published: Apr. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1331

    Integer overflow in Microsoft Windows Media Player (WMP) 11.0.5721.5260 allows remote attackers to cause a denial of service (application crash) via a crafted .mid file, as demonstrated by crash.mid.... Read more

    Affected Products : windows_media_player
    • Published: Apr. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1325

    Stack-based buffer overflow in Mini-stream Ripper 3.0.1.1 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.... Read more

    Affected Products : ripper
    • Published: Apr. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1392

    The browser engine in Mozilla Firefox 3 before 3.0.11, Thunderbird before 2.0.0.22, and SeaMonkey before 1.1.17 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors r... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Jun. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1491

    McAfee GroupShield for Microsoft Exchange on Exchange Server 2000, and possibly other anti-virus or anti-spam products from McAfee or other vendors, does not scan X- headers for malicious content, which allows remote attackers to bypass virus detection vi... Read more

    Affected Products : exchange_server groupshield
    • Published: May. 05, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1328

    Stack-based buffer overflow in Mini-stream RM-MP3 Converter 3.0.0.7 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.... Read more

    Affected Products : rm-mp3_converter
    • Published: Apr. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1352

    Stack-based buffer overflow in Dawningsoft PowerCHM 5.7 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an HTML file with a link to a long URL, as demonstrated by a .rar URL.... Read more

    Affected Products : powerchm
    • Published: Apr. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1326

    Stack-based buffer overflow in Mini-stream RM Downloader 3.0.0.9 allows remote attackers to execute arbitrary code via a long URI in a playlist (.m3u) file.... Read more

    Affected Products : rm_downloader
    • Published: Apr. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1356

    Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist (.xpl) file.... Read more

    Affected Products : elecard_avc_hd_player
    • Published: Apr. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1137

    Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulnerabil... Read more

    Affected Products : powerpoint office_powerpoint
    • Published: May. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-1097

    Multiple buffer overflows in Java SE Development Kit (JDK) and Java Runtime Environment (JRE) 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via (1) a crafted PNG image that triggers an integer overflow during mem... Read more

    Affected Products : jre jdk
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294690 Results