Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-1401

    Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, allows remote attackers to execute arbitrary code or cause a d... Read more

    • Published: Jun. 11, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-2231

    Untrusted search path vulnerability in The installer of MLIT DenshiSeikabutsuSakuseiShienKensa system Ver3.02 and earlier, distributed till June 20, 2017, The self-extracting archive including the installer of MLIT DenshiSeikabutsuSakuseiShienKensa system... Read more

    Affected Products : denshiseikabutsusakuseishienkensa
    • Published: Jul. 07, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2009-3909

    Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow.... Read more

    Affected Products : gimp
    • Published: Nov. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3606

    Integer overflow in the PSOutputDev::doImageL1Sep function in Xpdf before 3.02pl4, and Poppler 0.x, as used in kdegraphics KPDF, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.... Read more

    Affected Products : xpdfreader kpdf poppler xpdf
    • Published: Oct. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-3715

    Sun Java System Application Server and Web Server 7.0 through 9.0 before 20070710 do not properly process XSLT stylesheets in XSLT transforms in XML signatures, which allows context-dependent attackers to execute an arbitrary Java method via a crafted sty... Read more

    • Published: Jul. 11, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-1726

    Unspecified vulnerability in Firefox and Thunderbird 1.5 before 1.5.0.2, and SeaMonkey before 1.0.1, allows remote attackers to bypass the js_ValueToFunctionObject check and execute arbitrary code via unknown vectors involving setTimeout and Firefox' ForE... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Apr. 14, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2006-0748

    Mozilla Firefox and Thunderbird 1.x before 1.5.0.2 and 1.0.x before 1.0.8, Mozilla Suite before 1.7.13, and SeaMonkey before 1.0.1 allows remote attackers to execute arbitrary code via "an invalid and non-sensical ordering of table-related tags" that resu... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Apr. 14, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2007-5487

    Stack-based buffer overflow in COWON America jetAudio Basic 7.0.3 allows user-assisted remote attackers to execute arbitrary code via a long URL in an EXTM3U section of a .m3u file.... Read more

    Affected Products : jetaudio jetaudio
    • Published: Oct. 16, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2017-3072

    Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: May. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-6032

    Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote attackers to create digital signatures for code by leveraging knowledge of a key from a different installation.... Read more

    Affected Products : iq_panel
    • Published: Oct. 31, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2007-5406

    kpagrdr.dll 2.0.0.2 and 10.3.0.0 in the Applix Presents reader in Autonomy (formerly Verity) KeyView, as used by IBM Lotus Notes, Symantec Mail Security, and activePDF DocConverter, does not properly parse long tokens, which allows remote attackers to cau... Read more

    Affected Products : lotus_notes mail_security keyview
    • Published: Apr. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-5338

    Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5 allow remote attackers to execute arbitrary Javascript with user privileges by using the Script object to modify XPCNativeWrappers in a way that causes the script to be executed when a chrome actio... Read more

    Affected Products : firefox seamonkey
    • Published: Oct. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-1999-0353

    rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory.... Read more

    Affected Products : hp-ux
    • Published: Feb. 10, 1999
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2017-11261

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EM... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-11260

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EM... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2019-13638

    GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system.... Read more

    Affected Products : debian_linux patch
    • Published: Jul. 26, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-11256

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability when generating content using XFA layout engine. Successful exploitation could... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-11237

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing module. Successful exploitation could lead to arbitrary... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-11231

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbi... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-11226

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image processing engine when processing JPEG 2000 (JP2) code stream ... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294835 Results