Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2017-8632

    A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft... Read more

    • Published: Sep. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8620

    Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improper... Read more

    • Published: Aug. 08, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2012-0183

    Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mismatch... Read more

    Affected Products : office word office_compatibility_pack
    • Published: May. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-8512

    A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-20... Read more

    • Published: Jun. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-8501

    Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502.... Read more

    • Published: Jul. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2011-3961

    Race condition in Google Chrome before 17.0.963.46 allows remote attackers to execute arbitrary code via vectors that trigger a crash of a utility process.... Read more

    Affected Products : chrome
    • Published: Feb. 09, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-8463

    Windows Shell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it imp... Read more

    • Published: Jul. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2011-3655

    Mozilla Firefox 4.x through 7.0 and Thunderbird 5.0 through 7.0 perform access control without checking for use of the NoWaiverWrapper wrapper, which allows remote attackers to gain privileges via a crafted web site.... Read more

    Affected Products : firefox thunderbird
    • Published: Nov. 09, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3248

    Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime movie file.... Read more

    • Published: Oct. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-6651

    In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation (accepting an arbitrary substring match) for WebSocket API requests allows remote attackers to bypass intended access... Read more

    Affected Products : uncurl parsec
    • Published: Feb. 05, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-3002

    Almost Native Graphics Layer Engine (ANGLE), as used in Mozilla Firefox before 7.0 and SeaMonkey before 2.4, does not validate the return value of a GrowAtomTable function call, which allows remote attackers to cause a denial of service (application crash... Read more

    Affected Products : firefox seamonkey
    • Published: Sep. 29, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3890

    Stack-based buffer overflow in the Sky Software FileView ActiveX control, as used in WinZip 10 before build 7245 and in certain other applications, allows remote attackers to execute arbitrary code via a long FilePattern attribute in a WZFILEVIEW object, ... Read more

    Affected Products : winzip fileview_activex_control
    • Published: Nov. 21, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2011-2441

    Multiple stack-based buffer overflows in CoolType.dll in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Sep. 15, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2434

    Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2437.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Sep. 15, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2432

    Buffer overflow in the U3D TIFF Resource in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : acrobat acrobat_reader
    • Published: Sep. 15, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2125

    Buffer overflow in Dirapix.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2119

    Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-201... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2096

    Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1986

    Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Use after Free WriteAV Vulnerability."... Read more

    Affected Products : excel
    • Published: Sep. 15, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-6475

    In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges.... Read more

    Affected Products : superantispyware
    • Published: Jan. 31, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 294846 Results