Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2012-1499

    The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."... Read more

    Affected Products : openjpeg
    • Published: Apr. 11, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1144

    FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid heap write operation and memory corruption) or possibly execute arbitrary code via a crafted TrueType ... Read more

    Affected Products : freetype firefox_mobile
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1139

    Array index error in FreeType before 2.4.9, as used in Mozilla Firefox Mobile before 10.0.4 and other products, allows remote attackers to cause a denial of service (invalid stack read operation and memory corruption) or possibly execute arbitrary code vi... Read more

    Affected Products : freetype firefox_mobile
    • Published: Apr. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-0946

    A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2... Read more

    Affected Products : office office_365_proplus
    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-0902

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-0898

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-0899

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0773

    The NetStream class in Adobe Flash Player before 10.3.183.18 and 11.x before 11.2.202.228 on Windows, Mac OS X, and Linux; Flash Player before 10.3.183.18 and 11.x before 11.2.202.223 on Solaris; Flash Player before 11.1.111.8 on Android 2.x and 3.x; and ... Read more

    • Published: Mar. 28, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-0904

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more

    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025

  • 9.3

    HIGH
    CVE-2019-0893

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0682

    WebKit, as used in Apple Safari before 6.0, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-S... Read more

    Affected Products : safari
    • Published: Jul. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0668

    Buffer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with RLE encoding.... Read more

    Affected Products : quicktime
    • Published: May. 16, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-0889

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, ... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0642

    Integer underflow in Apple iOS before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service (device crash) via a crafted catalog file in an HFS disk image.... Read more

    Affected Products : iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-0885

    A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0633

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0625

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-0903

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.... Read more

    • Actively Exploited
    • Published: May. 16, 2019
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2012-0617

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-0616

    WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CV... Read more

    Affected Products : itunes iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 294798 Results