Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2014-1490

    Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a... Read more

    • Published: Feb. 06, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-3006

    Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008.... Read more

    Affected Products : java
    • Published: Jul. 23, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-4082

    An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute... Read more

    Affected Products : mac_os_x iphone_os watchos apple_tv
    • Published: Apr. 03, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-1732

    Buffer overflow in the nsFloatManager::GetFlowArea function in Mozilla Firefox before 24.0, Firefox ESR 17.x before 17.0.9, Thunderbird before 24.0, Thunderbird ESR 17.x before 17.0.9, and SeaMonkey before 2.21 allows remote attackers to execute arbitrary... Read more

    • Published: Sep. 18, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0769

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.1, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.1, and SeaMonkey before ... Read more

    • Published: Jan. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0746

    Mozilla Firefox before 18.0, Firefox ESR 10.x before 10.0.12 and 17.x before 17.0.2, Thunderbird before 17.0.2, Thunderbird ESR 10.x before 10.0.12 and 17.x before 17.0.2, and SeaMonkey before 2.15 do not properly implement quickstubs that use the jsval d... Read more

    • Published: Jan. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-4820

    Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli... Read more

    • Published: Jan. 11, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0577

    Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.... Read more

    Affected Products : flash_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0061

    Buffer overflow in Mozilla Firefox 3.6.x before 3.6.14, Thunderbird before 3.1.8, and SeaMonkey before 2.0.12 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted JPEG image.... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Mar. 02, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3775

    Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remote attackers to start processes, read arbitrary local fil... Read more

    Affected Products : firefox seamonkey
    • Published: Dec. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3772

    Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to execute arbitrary code via vectors involving a DIV eleme... Read more

    Affected Products : firefox seamonkey
    • Published: Dec. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2971

    loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of name##env relative to name##tick and name##node, which allows remote attackers to trigger a buffer over-read and possibly have unspecified other impact via a... Read more

    Affected Products : libmikmod
    • Published: Aug. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2753

    Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tr... Read more

    • Published: Jul. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1771

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors in... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1761

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors in... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1404

    Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an SVG doc... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1401

    Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a d... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-2231

    Untrusted search path vulnerability in The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017, The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system... Read more

    Affected Products : denshiseikabutsusakuseishienkensa
    • Published: Jul. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-3909

    Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.... Read more

    Affected Products : gimp
    • Published: Nov. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3606

    Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.... Read more

    Affected Products : xpdfreader kpdf poppler xpdf
    • Published: Oct. 21, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294796 Results