Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2011-0565

    Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vuln... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0556

    The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer der... Read more

    Affected Products : shockwave_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2019-18345

    A reflected XSS issue was discovered in DAViCal through 1.1.8. It echoes the action parameter without encoding. If a user visits an attacker-supplied link, the attacker can view all data the attacked user can view, as well as perform all actions in the na... Read more

    Affected Products : debian_linux davical
    • Published: Dec. 12, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-0225

    WebKit, as used in Apple Safari before 5.0.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0098

    Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2... Read more

    • Published: Apr. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0021

    Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted CDG video.... Read more

    Affected Products : vlc_media_player
    • Published: Jan. 25, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-1246

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, ... Read more

    • Published: Sep. 11, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-4392

    Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.1.2 and 2.1.3, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allows remote attackers to ex... Read more

    Affected Products : linux_kernel realplayer realplayer_sp
    • Published: Dec. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4379

    Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2.1.2, Mac RealPlayer 11.0 through 11.1, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow... Read more

    • Published: Dec. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4371

    Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspecified impact via vectors related to the comment box.... Read more

    Affected Products : winamp
    • Published: Dec. 02, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4196

    The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : shockwave_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4194

    The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : shockwave_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4193

    Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which allows attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : shockwave_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4188

    The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with an IFWV chunk with a size field of 0, which is used in the calculation ... Read more

    Affected Products : shockwave_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4090

    Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • Published: Oct. 29, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4009

    Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.... Read more

    Affected Products : quicktime
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3816

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vector... Read more

    • Published: Nov. 22, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3812

    Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4; webkitgtk before 1.2.6; and possibly other products allows remote ... Read more

    • Published: Nov. 22, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-1468

    A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.... Read more

    • Published: Dec. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-3800

    Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted PICT file.... Read more

    Affected Products : quicktime
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 294706 Results