Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-3648

    Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) vi... Read more

    • Published: Nov. 07, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3639

    Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown v... Read more

    • Published: Nov. 07, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3291

    The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security an... Read more

    Affected Products : ios
    • Published: Jun. 28, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2010-3275

    libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute arbitrary code via a crafted width in an AMV file, related to a "dangling pointer vulnerability."... Read more

    Affected Products : vlc_media_player
    • Published: Mar. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-3242

    Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Ghost Record Type Pa... Read more

    • Published: Oct. 13, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3308

    Unspecified vulnerability in the wpprop code for Project EROS bbsengine before 20060622-0315 has unknown impact and remote attack vectors via [img] tags, possibly cross-site scripting (XSS).... Read more

    Affected Products : project_eros_bbsengine
    • Published: Jun. 29, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2010-2880

    DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demons... Read more

    Affected Products : shockwave_player
    • Published: Aug. 26, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2875

    Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a length value associated with the tSAC chunk in a Director movie.... Read more

    Affected Products : shockwave_player
    • Published: Aug. 26, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2646

    Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors.... Read more

    Affected Products : chrome
    • Published: Jul. 06, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2587

    The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2588 and CVE-2010-4188.... Read more

    Affected Products : shockwave_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2202

    Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Jun. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2188

    Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code by calling the ActionScript native object 2200 connect m... Read more

    Affected Products : flash_player flash_player air
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2178

    Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than ... Read more

    Affected Products : flash_player flash_player air
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-2169

    Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allow attackers to cause a denial of service (pointer memory corruption) or possibly execute arbitrary code via unspecified vectors.... Read more

    Affected Products : flash_player flash_player air
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1885

    The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP and Windows Server 2003 does not properly handle malformed escape sequences, which allows remote attackers to bypass the trusted documents whitelist (from... Read more

    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1825

    Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to nested SVG elements.... Read more

    Affected Products : chrome
    • Published: Sep. 24, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-3134

    Buffer overflow in GraceNote CDDBControl ActiveX Control, as used by multiple products that use Gracenote CDDB, allows remote attackers to execute arbitrary code via a long option string.... Read more

    Affected Products : cddbcontrol_activex_control
    • Published: Jun. 27, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2010-1383

    CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary code by replaying the NTLM credentials of a client user, related to a "credential reflection" issue.... Read more

    • Published: Jul. 21, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1295

    Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Jun. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1288

    Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow attackers to execute arbitrary code via unspecified vectors.... Read more

    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 294846 Results