Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2008-3625

    Stack-based buffer overflow in Apple QuickTime before 7.5.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a QuickTime Virtual Reality (QTVR) movie file with crafted (1) maxTilt, (2) minFieldOfView, ... Read more

    Affected Products : quicktime
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-2099

    In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitatio... Read more

    Affected Products : android
    • Published: Jun. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-2018

    In resetPasswordInternal of DevicePolicyManagerService.java, there is a possible bypass of password reset protection due to an unusual root cause. Remote user interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID... Read more

    Affected Products : android
    • Published: Jun. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-0116

    Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability."... Read more

    • Published: Mar. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-2044

    In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interactio... Read more

    Affected Products : android
    • Published: May. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-3615

    ir50_32.qtx in an unspecified third-party Indeo v5 codec for QuickTime, when used with Apple QuickTime before 7.5.5 on Windows, accesses uninitialized memory, which allows remote attackers to execute arbitrary code or cause a denial of service (applicatio... Read more

    Affected Products : quicktime windows
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-25071

    A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands ... Read more

    Affected Products : iphone_os
    • Published: Jun. 25, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-3558

    Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method.... Read more

    Affected Products : webex_meeting_manager
    • Published: Aug. 08, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3473

    Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive informat... Read more

    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3476

    Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle errors associated with access to uninitialized memory, which allows remote attackers to execute arbitrary code via a crafted HTML document, aka "HTML Objects Memory Corruption Vulnerabili... Read more

    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3460

    WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, ak... Read more

    Affected Products : office works office_converter_pack
    • Published: Aug. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3480

    Stack-based buffer overflow in the Anzio Web Print Object (WePO) ActiveX control 3.2.19 and 3.2.24, as used in Anzio Print Wizard, allows remote attackers to execute arbitrary code via a long mainurl parameter.... Read more

    Affected Products : print_wizard web_print_object
    • Published: Aug. 29, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3595

    PHP remote file inclusion vulnerability in examples/txtSQLAdmin/startup.php in txtSQL 2.2 Final allows remote attackers to execute arbitrary PHP code via a URL in the CFG[txtsql][class] parameter.... Read more

    Affected Products : txtsql
    • Published: Aug. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4255

    Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2... Read more

    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3430

    Buffer overflow in the CoVideoWindow.ocx ActiveX control 5.0.907.1 in Eyeball MessengerSDK, as used in products such as SiOL Komunikator 1.3, allows remote attackers to execute arbitrary code via a large argument supplied to the BGColor method. NOTE: thi... Read more

    Affected Products : eyeball_messenger_sdk
    • Published: Jul. 31, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3364

    Buffer overflow in the ObjRemoveCtrl Class ActiveX control in OfficeScanRemoveCtrl.dll 7.3.0.1020 in Trend Micro OfficeScan Corp Edition (OSCE) Web-Deployment 7.0, 7.3 build 1343 Patch 4 and other builds, and 8.0; Client Server Messaging Security (CSM) 3.... Read more

    Affected Products : officescan officescan
    • Published: Jul. 30, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3360

    Stack-based buffer overflow in the HTML parser in IntelliTamper 2.0.7 allows remote attackers to execute arbitrary code via a long URL in the HREF attribute of an A element, a different vulnerability than CVE-2006-2494.... Read more

    Affected Products : intellitamper
    • Published: Jul. 29, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3329

    Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."... Read more

    Affected Products : links
    • Published: Jul. 27, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3285

    The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.... Read more

    Affected Products : filesys_smbclientparser
    • Published: Jul. 24, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3246

    Unspecified vulnerability in the PDF distiller component in the BlackBerry Attachment Service in BlackBerry Unite! 1.0 SP1 (1.0.1) before bundle 36 and BlackBerry Enterprise Server 4.1 SP3 (4.1.3) through 4.1 SP5 (4.1.5) allows user-assisted remote attack... Read more

    • Published: Jul. 21, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 294530 Results