Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2009-0306

    Buffer overflow in the IBM Lotus Notes Intellisync ActiveX control in lnresobject.dll in BlackBerry Desktop Manager in Research In Motion (RIM) BlackBerry Desktop Software before 5.0.1 allows remote attackers to execute arbitrary code via a crafted web pa... Read more

    • Published: Nov. 04, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0282

    Integer overflow in Ralink Technology USB wireless adapter (RT73) 3.08 for Windows, and other wireless card drivers including rt2400, rt2500, rt2570, and rt61, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary cod... Read more

    Affected Products : windows_2000 rt73
    • Published: Jan. 27, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0221

    Integer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a PowerPoint file containing a crafted record type for "collaboration information for different slides" that contains a field that ... Read more

    Affected Products : powerpoint office_powerpoint
    • Published: May. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0266

    Stack-based buffer overflow in Triologic Media Player 8.0.0.0 allows user-assisted remote attackers to execute arbitrary code via a long string in a .m3l playlist file. NOTE: the provenance of this information is unknown; the details are obtained solely ... Read more

    Affected Products : media_player
    • Published: Jan. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0191

    Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 3.0.2009.1301, does not properly handle a JBIG2 symbol dictionary segment with zero new symbols, which allows remote attackers to execute arbitrary code via a crafted PDF file that tr... Read more

    Affected Products : foxit_reader reader
    • Published: Mar. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0187

    Stack-based buffer overflow in Orbit Downloader 2.8.2 and 2.8.3, and possibly other versions before 2.8.5, allows remote attackers to execute arbitrary code via a crafted HTTP URL with a long host name, which is not properly handled when constructing a "C... Read more

    Affected Products : orbit_downloader
    • Published: Feb. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0224

    Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and 9.0;... Read more

    • Published: May. 12, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0184

    Multiple buffer overflows in the torrent parsing implementation in Free Download Manager (FDM) 2.5 Build 758 and 3.0 Build 844 allow remote attackers to execute arbitrary code via (1) a long file name within a torrent file, (2) a long tracker URL in a tor... Read more

    • Published: Feb. 03, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0135

    Multiple integer overflows in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to execute arbitrary code via an Audible Audio (.aa) file with a large (1) nlen or (2) vlen Tag value... Read more

    Affected Products : amarok
    • Published: Jan. 16, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0261

    Stack-based buffer overflow in EffectMatrix Total Video Player 1.31 allows user-assisted attackers to execute arbitrary code via a Skins\DefaultSkin\DefaultSkin.ini file with a large ColumnHeaderSpan value.... Read more

    Affected Products : total_video_player
    • Published: Jan. 23, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0197

    Integer overflow in the FORMATS Plugin before 4.23 for IrfanView allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large XPM file that triggers a heap-based buffer overflow.... Read more

    Affected Products : formats
    • Published: Apr. 09, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0193

    Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-... Read more

    Affected Products : acrobat_reader
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0231

    The Embedded OpenType (EOT) Font Engine (T2EMBED.DLL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via a crafted name table in a da... Read more

    • Published: Jul. 15, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0175

    Heap-based buffer overflow in Heathco Software MP3 TrackMaker 1.5 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long string in an invalid .mp3 file.... Read more

    Affected Products : mp3_trackmaker
    • Published: Jan. 20, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0090

    Microsoft .NET Framework 1.0 SP3, 1.1 SP1, and 2.0 SP1 does not properly validate .NET verifiable code, which allows remote attackers to obtain unintended access to stack memory, and execute arbitrary code, via (1) a crafted XAML browser application (XBAP... Read more

    • Published: Oct. 14, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0076

    Microsoft Internet Explorer 7, when XHTML strict mode is used, allows remote attackers to execute arbitrary code via the zoom style directive in conjunction with unspecified other directives in a malformed Cascading Style Sheets (CSS) stylesheet in a craf... Read more

    • Published: Feb. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0100

    Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File ... Read more

    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0194

    The domain-locking implementation in the GARMINAXCONTROL.GarminAxControl_t.1 ActiveX control in npGarmin.dll in the Garmin Communicator Plug-In 2.6.4.0 does not properly enforce the restrictions that (1) download and (2) upload requests come from a web si... Read more

    Affected Products : garmin_communicator_plugin
    • Published: May. 11, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0098

    Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka... Read more

    Affected Products : exchange_server
    • Published: Feb. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-0070

    Integer signedness error in Apple Safari allows remote attackers to read the contents of arbitrary memory locations, cause a denial of service (application crash), and probably have unspecified other impact via the array index of the arguments array in a ... Read more

    Affected Products : safari
    • Published: Jan. 08, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294690 Results