Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2020-16967

    <p>A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current u... Read more

    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0255

    XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI,... Read more

    Affected Products : xine
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16037

    Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome
    • Published: Jan. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0239

    OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.... Read more

    Affected Products : openoffice
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0315

    Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the t... Read more

    Affected Products : filezilla
    • Published: Jan. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2025-10155

    An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file e... Read more

    Affected Products : picklescan
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2020-1563

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. I... Read more

    Affected Products : office 365_apps excel
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0218

    Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.... Read more

    • Published: Jun. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-1508

    <p>A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.</p> <p>There are multiple ways an attacker coul... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1496

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If... Read more

    Affected Products : office 365_apps excel
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1401

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1407.... Read more

    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0209

    Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing object, which leads to memory corruption... Read more

    Affected Products : office works
    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0068

    IBM Lotus Domino 7.0.x before 7.0.3 does not revalidate the signature on a signed scheduled agent after the agent is modified, which allows remote authenticated users to gain privileges via a modified agent in a server database.... Read more

    Affected Products : lotus_domino
    • Published: Jun. 06, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0029

    Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability."... Read more

    Affected Products : office excel_viewer excel works
    • Published: Jan. 09, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0033

    Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file.... Read more

    Affected Products : office outlook
    • Published: Jan. 09, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-1136

    A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1126, CVE-2020-1150.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-7201

    EMC RSA Security SiteKey does not set the secure qualifier on the SiteKey Flash token (aka the PassMark Flash shared object), which might allow remote attackers to obtain the token via HTTP.... Read more

    Affected Products : rsa_security_sitekey
    • Published: Apr. 30, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-1013

    <p>An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the targe... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2006-7185

    PHP remote file inclusion vulnerability in includes/user_standard.php in CMSmelborp Beta allows remote attackers to execute arbitrary PHP code via a URL in the relative_root parameter.... Read more

    Affected Products : cmsmelborp
    • Published: Mar. 30, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-0950

    A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0948, CVE-2020-0949.... Read more

    • Published: Apr. 15, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294754 Results