Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2007-0671

    Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted... Read more

    • Actively Exploited
    • Published: Feb. 03, 2007
    • Modified: Aug. 13, 2025

  • 9.3

    HIGH
    CVE-2007-0619

    chmlib before 0.39 allows user-assisted remote attackers to execute arbitrary code via a crafted page block length in a CHM file, which triggers memory corruption.... Read more

    Affected Products : chmlib
    • Published: Jan. 31, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-3919

    A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to execute arbitrary code with kernel privilege... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0585

    include/debug.php in Webfwlog 0.92 and earlier, when register_globals is enabled, allows remote attackers to obtain source code of files via the conffile parameter. NOTE: some of these details are obtained from third party information. It is likely that... Read more

    Affected Products : webfwlog
    • Published: Jan. 30, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0443

    Multiple buffer overflows in the CDDBControl ActiveX control in Gracenote CDDB before 20070418 allow remote attackers to execute arbitrary code via long values for certain Proxy configuration parameters.... Read more

    Affected Products : cddbcontrol_activex_control
    • Published: Apr. 24, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0427

    Stack-based buffer overflow in Microsoft Help Workshop 4.03.0002 allows user-assisted remote attackers to execute arbitrary code via a help project (.HPJ) file with a long HLP field in the OPTIONS section.... Read more

    Affected Products : html_help_workshop
    • Published: Jan. 23, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-27906

    Multiple integer overflows were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to cause unexpected application termination or heap corruption.... Read more

    Affected Products : macos
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0348

    Stack-based buffer overflow in the IASystemInfo.dll ActiveX control in (1) InterActual Player 2.60.12.0717, (2) Roxio CinePlayer 3.2, (3) WinDVD 7.0.27.172, and possibly other products, allows remote attackers to execute arbitrary code via a long Applicat... Read more

    Affected Products : cineplayer interactual_player windvd
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0328

    The DWUpdateService ActiveX control in the agent (agent.exe) in Macrovision FLEXnet Connect 6.0 and Update Service 3.x to 5.x allows remote attackers to execute arbitrary commands via (1) the Execute method, and obtain the exit status using (2) the GetExi... Read more

    Affected Products : flexnet_connect update_service
    • Published: Jun. 01, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-17066

    Microsoft Excel Remote Code Execution Vulnerability... Read more

    Affected Products : excel
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0325

    Multiple buffer overflows in the Trend Micro OfficeScan Web-Deployment SetupINICtrl ActiveX control in OfficeScanSetupINI.dll, as used in OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client / Server / Messaging Security 3.0 befo... Read more

    • Published: Feb. 20, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16967

    <p>A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current u... Read more

    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0255

    XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI,... Read more

    Affected Products : xine
    • Published: Jan. 16, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-16037

    Use after free in clipboard in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    Affected Products : chrome
    • Published: Jan. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0239

    OpenOffice.org (OOo) Office Suite allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a prepared link in a crafted document.... Read more

    Affected Products : openoffice
    • Published: Mar. 21, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-0315

    Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors related to (1) Options.cpp when storing settings in the registry, and (2) the t... Read more

    Affected Products : filezilla
    • Published: Jan. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2025-10155

    An Improper Input Validation vulnerability in the scanning logic of mmaitre314 picklescan versions up to and including 0.0.30 allows a remote attacker to bypass pickle files security checks by supplying a standard pickle file with a PyTorch-related file e... Read more

    Affected Products : picklescan
    • Published: Sep. 17, 2025
    • Modified: Sep. 17, 2025
    • Vuln Type: Injection

  • 9.3

    HIGH
    CVE-2020-1563

    A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. I... Read more

    Affected Products : office 365_apps excel
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-0218

    Microsoft Internet Explorer 5.01 and 6 allows remote attackers to execute arbitrary code by instantiating certain COM objects from Urlmon.dll, which triggers memory corruption during a call to the IObjectSafety function.... Read more

    • Published: Jun. 12, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-1508

    <p>A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.</p> <p>There are multiple ways an attacker coul... Read more

    • Published: Sep. 11, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 294836 Results