Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2008-4587

    Insecure method vulnerability in the MSVNClientDownloadManager61Lib.DownloadManager.1 ActiveX control (ISDM.exe 6.1.100.61372) in Macrovision FLEXnet Connect 6.1 allows remote attackers to force the download and execution of arbitrary files via the AddFil... Read more

    Affected Products : flexnet_connect
    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4499

    Multiple directory traversal vulnerabilities in PHP Web Explorer 0.99b and earlier allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the (1) refer parameter to main.php and the (2) file parameter to edit.php.... Read more

    Affected Products : php_web_explorer_lite
    • Published: Oct. 09, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4470

    Stack-based buffer overflow in Numark CUE 5.0 rev2 allows user-assisted attackers to cause a denial of service (application crash) or execute arbitrary code via an M3U playlist file that contains a long absolute pathname.... Read more

    Affected Products : cue
    • Published: Oct. 07, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-5177

    The NTLM authentication in MailEnable Professional 2.0 and Enterprise 2.0 allows remote attackers to (1) execute arbitrary code via unspecified vectors involving crafted base64 encoded NTLM Type 3 messages, or (2) cause a denial of service via crafted bas... Read more

    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-13376

    SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie.... Read more

    Affected Products : securmail
    • Published: Aug. 07, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0986

    A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This af... Read more

    • Published: Apr. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-4221

    Stack-based buffer overflow in the IBM Access Support eGatherer ActiveX control before 3.20.0284.0 allows remote attackers to execute arbitrary code via a long filename parameter to the RunEgatherer method.... Read more

    Affected Products : egatherer
    • Published: Aug. 18, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3985

    Stack-based buffer overflow in DZIPS32.DLL 6.0.0.4 in ConeXware PowerArchiver 9.62.03 allows user-assisted attackers to execute arbitrary code by adding a new file to a crafted ZIP archive that already contains a file with a long name.... Read more

    Affected Products : powerarchiver powerarchiver
    • Published: Aug. 05, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-3730

    Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads... Read more

    Affected Products : internet_explorer windows_xp ie
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    CRITICAL
    CVE-2024-32709

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5. ... Read more

    Affected Products :
    • Published: Apr. 24, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1176

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1175.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12608

    An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead t... Read more

    • Published: May. 07, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12426

    Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This ... Read more

    Affected Products : firefox leap
    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12417

    Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects... Read more

    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-12410

    Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This v... Read more

    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-3086

    Stack-based buffer overflow in the HrShellOpenWithMonikerDisplayName function in Microsoft Hyperlink Object Library (hlink.dll) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long hyperlink, as demon... Read more

    Affected Products : hyperlink_object_library
    • Published: Jun. 19, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2020-12416

    A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78.... Read more

    Affected Products : firefox leap
    • Published: Jul. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-4449

    Stack-based buffer overflow in mIRC 6.34 allows remote attackers to execute arbitrary code via a long hostname in a PRIVMSG message.... Read more

    Affected Products : mirc
    • Published: Oct. 06, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4389

    Symantec AppStream 5.2.x and Symantec Workspace Streaming (SWS) 6.1.x before 6.1 SP4 do not properly perform authentication, which allows remote Workspace Streaming servers and man-in-the-middle attackers to download arbitrary executable files onto a clie... Read more

    Affected Products : workspace_streaming appstream
    • Published: Jun. 17, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-1174

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1175, CVE-2020-1176.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294836 Results