Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2008-1973

    Heap-based buffer overflow in SubEdit Player build 4056 and 4066 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long subtitle file.... Read more

    Affected Products : subedit_player
    • Published: Apr. 27, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1965

    Argument injection vulnerability in the cai: URI handler in rcplauncher in IBM Lotus Expeditor Client for Desktop 6.1.1 and 6.1.2, as used by Lotus Symphony and possibly other products, allows remote attackers to execute arbitrary code by injecting a -lau... Read more

    • Published: Apr. 25, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1912

    Stack-based buffer overflow in DivX Player 6.7 build 6.7.0.22 and earlier allows user-assisted remote attackers to cause a denial of service (application crash) or execute arbitrary code via a long subtitle in a .SRT file.... Read more

    Affected Products : divx_player
    • Published: Apr. 22, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1898

    A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterfac... Read more

    Affected Products : office works
    • Published: Apr. 21, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1860

    Static code injection vulnerability in admin.php in LokiCMS 0.3.3 and earlier allows remote attackers to inject arbitrary PHP code into includes/Config.php via the default parameter.... Read more

    Affected Products : lokicms
    • Published: Apr. 17, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-1925

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected sof... Read more

    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1929

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected sof... Read more

    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-1802

    Buffer overflow in the process_redirect_pdu (rdp.c) function in rdesktop 1.5.0 allows remote attackers to execute arbitrary code via a Remote Desktop Protocol (RDP) redirect request with modified length fields.... Read more

    Affected Products : rdesktop
    • Published: May. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1803

    Integer signedness error in the xrealloc function (rdesktop.c) in RDesktop 1.5.0 allows remote attackers to execute arbitrary code via unknown parameters that trigger a heap-based overflow. NOTE: the role of the channel_process function was not specified... Read more

    Affected Products : rdesktop
    • Published: May. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1805

    Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is no... Read more

    Affected Products : skype skype
    • Published: Jun. 06, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1801

    Integer underflow in the iso_recv_msg function (iso.c) in rdesktop 1.5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a Remote Desktop Protocol (RDP) request with a small length field.... Read more

    Affected Products : rdesktop
    • Published: May. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1770

    CRLF injection vulnerability in Akamai Download Manager ActiveX control before 2.2.3.6 allows remote attackers to force the download and execution of arbitrary files via a URL parameter containing an encoded LF followed by a malicious target line.... Read more

    Affected Products : download_manager
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-2360

    An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. macOS before 10.12.3 is affected. tvOS before 10.1.1 is affected. watchOS before 3.1.3 is affected. The issue involves the "Kernel" component. It allows attackers to execute... Read more

    Affected Products : mac_os_x iphone_os tvos watchos webkitgtk\+
    • Published: Feb. 20, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2008-1764

    Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs."... Read more

    Affected Products : opera opera_browser
    • Published: Apr. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-1855

    A vulnerability in the loading mechanism of specific dynamic link libraries in Cisco Jabber for Windows could allow an authenticated, local attacker to perform a DLL preloading attack. To exploit this vulnerability, the attacker would need to have valid c... Read more

    Affected Products : jabber
    • Published: Jul. 04, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-1765

    Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and possibly After Effects CS3, allows user-assisted remote attackers and physically proximate attackers to execute arbitrary code via a BMP file with an invalid image header. NOTE: the relate... Read more

    Affected Products : photoshop
    • Published: Apr. 23, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1761

    Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.... Read more

    Affected Products : opera opera_browser
    • Published: Apr. 12, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-1724

    Stack-based buffer overflow in the IActiveXTransfer.FileTransfer method in the SecureTransport FileTransfer ActiveX control in vcst_en.dll 1.0.0.5 in Tumbleweed SecureTransport Server before 4.6.1 Hotfix 20 allows remote attackers to execute arbitrary cod... Read more

    • Published: Apr. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2023-6198

    Use of Hard-coded Credentials vulnerability in Baicells Snap Router BaiCE_BMI on EP3011 (User Passwords modules) allows unauthorized access to the device.... Read more

    Affected Products :
    • Published: Jun. 25, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-0752

    A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835.... Read more

    Affected Products : android
    • Published: Sep. 08, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294836 Results