Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2025-1087

    Kong Insomnia Desktop Application before 11.0.2 contains a template injection vulnerability that allows attackers to execute arbitrary code. The vulnerability exists due to insufficient validation of user-supplied input when processing template strings, w... Read more

    Affected Products :
    • Published: May. 09, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2019-0585

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office... Read more

    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-0584

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows ... Read more

    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1948

    Buffer overflow in IrfanView 3.99 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via the (1) xoffset or (2) yoffset RLE command, or (3) large non-RLE encoded blocks in a crafted BMP image, as demonstrat... Read more

    Affected Products : irfanview
    • Published: Apr. 11, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1891

    Stack-based buffer overflow in the GetPrivateProfileSectionW function in Akamai Technologies Download Manager ActiveX Control (DownloadManagerV2.ocx) after 2.0.4.4 but before 2.2.1.0 allows remote attackers to execute arbitrary code, related to misinterpr... Read more

    Affected Products : download_manager
    • Published: Apr. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1820

    Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID).... Read more

    Affected Products : callpilot meridian_mail
    • Published: Apr. 02, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2022-28237

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context o... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-28234

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a heap-based buffer overflow vulnerability due to insecure handling of a crafted .pdf file, potentially resulting in arbitrary ... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-28230

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the co... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-27799

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of the acroform event that could result in arbitrary code execution in the co... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-27797

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context o... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-27792

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploit... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-27787

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploit... Read more

    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-27784

    Adobe After Effects versions 22.2.1 (and earlier) and 18.4.5 (and earlier) are affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exp... Read more

    Affected Products : macos windows after_effects
    • Published: May. 06, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1787

    Multiple PHP remote file inclusion vulnerabilities in lib/timesheet.class.php in Softerra Time-Assistant 6.2 and earlier, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) inc_dir or (2) lib_dir pa... Read more

    Affected Products : time-assistant
    • Published: Mar. 31, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2022-26761

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: May. 26, 2022
    • Modified: May. 30, 2025

  • 9.3

    HIGH
    CVE-2022-26720

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privil... Read more

    Affected Products : macos mac_os_x
    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-1754

    PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which b... Read more

    Affected Products : publisher
    • Published: Jul. 10, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1747

    Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption.... Read more

    Affected Products : office
    • Published: May. 08, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-1749

    Integer underflow in the CDownloadSink class code in the Vector Markup Language (VML) component (VGX.DLL), as used in Internet Explorer 5.01, 6, and 7 allows remote attackers to execute arbitrary code via compressed content with an invalid buffer size, wh... Read more

    Affected Products : internet_explorer
    • Published: Aug. 14, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 294746 Results