Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2010-1283

    Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 re... Read more

    Affected Products : macos windows shockwave_player
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1241

    Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) ... Read more

    Affected Products : mac_os_x acrobat_reader windows
    • Published: Apr. 05, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-1212

    js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vector... Read more

    Affected Products : firefox thunderbird
    • Published: Jul. 30, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-2419

    JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "JScript9 Memory Corruption Vulnerability."... Read more

    • Actively Exploited
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2010-0823

    Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and... Read more

    • Published: Jun. 08, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0811

    Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX control in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 ... Read more

    • Published: Jun. 08, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0659

    The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not properly handle a failure of memory allocation, which allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed GIF file that spe... Read more

    Affected Products : chrome webkit
    • Published: Feb. 18, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0647

    WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute arbitrary code in the Chrome sandbox via a malformed RUBY element, as demonstrated by a <ruby>><table><rt> sequence.... Read more

    Affected Products : chrome webkit
    • Published: Feb. 18, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0252

    The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis) in max3activex.dll in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 G... Read more

    • Published: Feb. 10, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0197

    Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-3939

    Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331.... Read more

    Affected Products : webex_recording_format_player
    • Published: Oct. 25, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0052

    Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to "callbacks for HTML elements."... Read more

    Affected Products : safari
    • Published: Mar. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-0049

    Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via HTML elements with right-to-left (RTL) text directionality.... Read more

    Affected Products : safari
    • Published: Mar. 15, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2006-2787

    EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via javascript that calls the valueOf method on objects that were created outside of the sandbox.... Read more

    Affected Products : firefox thunderbird
    • Published: Jun. 02, 2006
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2009-3979

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, SeaMonkey before 2.0.1, and Thunderbird allow remote attackers to cause a denial of service (memory corruption and application crash) or po... Read more

    Affected Products : firefox seamonkey
    • Published: Dec. 17, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3794

    Heap-based buffer overflow in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via crafted dimensions of JPEG data in an SWF file.... Read more

    Affected Products : flash_player adobe_air
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3607

    Integer overflow in the create_surface_from_thumbnail_data function in glib/poppler-page.cc in Poppler 0.x allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF document that triggers... Read more

    Affected Products : poppler poppler
    • Published: Oct. 21, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-5841

    dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using th... Read more

    Affected Products : android
    • Published: Jun. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2009-3466

    Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via a crafted web page that triggers memory corruption, related to an "invalid string length vulnerability." NOTE: some of these details are obtained from third par... Read more

    Affected Products : shockwave_player
    • Published: Nov. 04, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2009-3464

    Adobe Shockwave Player before 11.5.2.602 allows remote attackers to execute arbitrary code via crafted Shockwave content on a web site, related to an "invalid pointer vulnerability," a different issue than CVE-2009-3465. NOTE: some of these details are o... Read more

    Affected Products : shockwave_player
    • Published: Nov. 04, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 294837 Results