Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (also known as the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last-updated date, or CVSS score.
  • 9.3

    HIGH
    CVE-2007-2741

    Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted ICC profile in a JPG file....

    Affected Products : lcms
    • Published: May. 17, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-1581

    The resource system in PHP 5.0.0 through 5.2.1 allows context-dependent attackers to execute arbitrary code by interrupting the hash_update_file function via a userspace (1) error or (2) stream handler, which can then be used to destroy and modify interna...

    Affected Products : php
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6555

    PHP remote file inclusion vulnerability in modules/mod_pxt_latest.php in the mosDirectory (com_directory) 2.3.2 component for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[mosConfig_absolute_path] parameter....

    Affected Products : mosdirectory
    • Published: Dec. 28, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6506

    The HPRulesEngine.ContentCollection.1 ActiveX Control in RulesEngine.dll for HP Software Update 4.000.005.007 and earlier, including 3.0.8.4, allows remote attackers to (1) overwrite and corrupt arbitrary files via arguments to the SaveToFile method, and ...

    Affected Products : software_update
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6413

    Sun Solaris 10 with the 120011-04 and 120012-04 patches, and later 120011-* and 120012-* patches, allows remote attackers to bypass certain netgroup restrictions and obtain root access to a filesystem via NFS requests from a client root user....

    Affected Products : solaris
    • Published: Dec. 17, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6469

    SQL injection vulnerability in index.php in phpRPG 0.8, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter. NOTE: some of these details are obtained from third party information....

    Affected Products : phprpg
    • Published: Dec. 20, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6387

    Multiple stack-based buffer overflows in the awApi4.AnswerWorks.1 ActiveX control in awApi4.dll 4.0.0.42, as used by Vantage Linguistics AnswerWorks, and Intuit Clearly Bookkeeping, ProSeries, QuickBooks, Quicken, QuickTax, and TurboTax, allow remote atta...

    • Published: Dec. 15, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6279

    Multiple double free vulnerabilities in Free Lossless Audio Codec (FLAC) libFLAC before 1.2.1 allow user-assisted remote attackers to execute arbitrary code via malformed (1) Seektable values or (2) Seektable Data Offsets in a .FLAC file....

    Affected Products : libflac
    • Published: Dec. 07, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6253

    Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5.0 allow remote attackers to execute arbitrary code via unknown vectors in the (1) Adobe File Dialog Button (FileDlg.dll) and the (2) Adobe Copy to Server Object (SvrCopy.dll) ActiveX c...

    Affected Products : form_client form_designer
    • Published: Mar. 12, 2008
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6086

    Directory traversal vulnerability in index.php in VigileCMS 1.4 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the module parameter....

    Affected Products : vigilecms
    • Published: Nov. 22, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-6026

    Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB database file containing a col...

    • Published: Nov. 20, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2019-15752

    Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or servic...

    Affected Products : docker windows geode
    • Actively Exploited
    • Published: Aug. 28, 2019
    • Modified: Mar. 14, 2025
  • 9.3

    HIGH
    CVE-2007-0447

    Heap-based buffer overflow in the Decomposer component in multiple Symantec products allows remote attackers to execute arbitrary code via multiple crafted CAB archives....

    • Published: Oct. 05, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2007-0041

    The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, pro...

    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2006-6731

    Multiple buffer overflows in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE) 5.0 Update 7 and earlier, Java System Development Kit (SDK) and JRE 1.4.2_12 and earlier 1.4.x versions, and SDK and JRE 1.3.1_18 and earlier allow attackers to...

    Affected Products : jre sdk jdk
    • Published: Dec. 26, 2006
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2006-5870

    Multiple integer overflows in OpenOffice.org (OOo) 2.0.4 and earlier, and possibly other versions before 2.1.0; and StarOffice 6 through 8; allow user-assisted remote attackers to execute arbitrary code via a crafted (a) WMF or (b) EMF file that triggers ...

    Affected Products : openoffice staroffice
    • Published: Dec. 31, 2006
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2006-4483

    The cURL extension files (1) ext/curl/interface.c and (2) ext/curl/streams.c in PHP before 5.1.5 permit the CURLOPT_FOLLOWLOCATION option when open_basedir or safe_mode is enabled, which allows attackers to perform unauthorized actions, possibly related t...

    Affected Products : php
    • Published: Aug. 31, 2006
    • Modified: Apr. 03, 2025
  • 9.3

    HIGH
    CVE-2006-3647

    Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka "Memmove Code Ex...

    Affected Products : office
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025
  • 9.3

    HIGH
    CVE-2006-3016

    Unspecified vulnerability in session.c in PHP before 5.1.3 has unknown impact and attack vectors, related to "certain characters in session names," including special characters that are frequently associated with CRLF injection, SQL injection, cross-site ...

    Affected Products : php
    • Published: Jun. 14, 2006
    • Modified: Apr. 03, 2025
  • 9.3

    HIGH
    CVE-2007-5820

    Directory traversal vulnerability in index.php in Ax Developer CMS (AxDCMS) 0.1.1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the module parameter....

    Affected Products : ax_developer_cms
    • Published: Nov. 05, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 294717 Results