Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2006-4221

    Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 allows remote attackers to execute arbitrary code via a long filename parameter to the RunEgatherer method.... Read more

    Affected Products : egatherer
    • Published: Aug. 18, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3985

    Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name.... Read more

    Affected Products : powerarchiver powerarchiver
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3730

    Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads... Read more

    Affected Products : internet_explorer windows_xp ie
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    CRITICAL
    CVE-2024-32709

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5. ... Read more

    Affected Products :
    • Published: Apr. 24, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1176

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1175.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12608

    An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead t... Read more

    • Published: May. 07, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12426

    Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This ... Read more

    Affected Products : firefox leap
    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12417

    Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects... Read more

    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12410

    Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This v... Read more

    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-3086

    Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demon... Read more

    Affected Products : hyperlink_object_library
    • Published: Jun. 19, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2020-12416

    A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.... Read more

    Affected Products : firefox leap
    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-4449

    Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.... Read more

    Affected Products : mirc
    • Published: Oct. 06, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4389

    Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a clie... Read more

    Affected Products : workspace_streaming appstream
    • Published: Jun. 17, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1174

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1175, CVE-2020-1176.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-11901

    The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.... Read more

    Affected Products : tcp\/ip
    • Published: Jun. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0472

    The cairo-dwrite implementation in Mozilla Firefox 4.x through 11.0, Firefox ESR 10.x before 10.0.4, Thunderbird 5.0 through 11.0, Thunderbird ESR 10.x before 10.0.4, and SeaMonkey before 2.9, when certain Windows Vista and Windows 7 configurations are us... Read more

    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-2383

    Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4 and 6 SP1 and earlier allows remote attackers to execute arbitrary code via "unexpected data" related to "parameter validation" in the DXImageTransform.Microsoft.Light ActiveX control, whic... Read more

    Affected Products : internet_explorer
    • Published: Jun. 13, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-2379

    Buffer overflow in the TCP/IP Protocol driver in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via unknown vectors related to IP source routing.... Read more

    • Published: Jun. 13, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-2218

    Unspecified vulnerability in Internet Explorer 6.0 on Microsoft Windows XP SP2 allows remote attackers to execute arbitrary code via "exceptional conditions" that trigger memory corruption, as demonstrated using an exception handler and nested object tags... Read more

    Affected Products : internet_explorer windows_xp
    • Published: May. 05, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2012-0619

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 294690 Results