Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-1868

    Multiple buffer overflows in VideoLAN VLC media player 2.0.4 and earlier allow remote attackers to cause a denial of service (crash) and execute arbitrary code via vectors related to the (1) freetype renderer and (2) HTML subtitle parser.... Read more

    Affected Products : vlc_media_player
    • Published: Jul. 10, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1361

    Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL ... Read more

    • Published: Jan. 21, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1338

    Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v... Read more

    Affected Products : internet_explorer
    • Published: May. 02, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1335

    Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability."... Read more

    Affected Products : word word_viewer
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1327

    Integer signedness error in Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers an improper memory allocation, aka "Publisher Signed Integer Vulnerability."... Read more

    Affected Products : publisher
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1325

    Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Heap Overwrite Vulnerability."... Read more

    Affected Products : office
    • Published: Nov. 13, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1321

    Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability."... Read more

    Affected Products : publisher
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1316

    Microsoft Publisher 2003 SP3 does not properly validate the size of an unspecified array, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Negative Value Allocation Vulnerability."... Read more

    Affected Products : publisher
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1312

    Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1306

    Use-after-free vulnerability in Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different vulnerabilit... Read more

    Affected Products : internet_explorer
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1304

    Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v... Read more

    Affected Products : internet_explorer
    • Published: Apr. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1303

    Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers access to a deleted object, aka "Internet Explorer Use After Free Vulnerability," a different v... Read more

    Affected Products : internet_explorer
    • Published: Apr. 09, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1015

    Apple QuickTime before 7.7.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted TeXML file.... Read more

    • Published: May. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    CRITICAL
    CVE-2023-0606

    Cross-site Scripting (XSS) - Reflected in GitHub repository ampache/ampache prior to 5.5.7.... Read more

    Affected Products : ampache
    • Published: Feb. 01, 2023
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-0875

    The ff_add_png_paeth_prediction function in libavcodec/pngdec.c in FFmpeg before 1.1.3 allows remote attackers to have an unspecified impact via a crafted PNG image, related to an out-of-bounds array access.... Read more

    Affected Products : ffmpeg
    • Published: Nov. 23, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0853

    The wavpack_decode_frame function in libavcodec/wavpack.c in FFmpeg before 1.1 allows remote attackers to have an unspecified impact via crafted WavPack data, which triggers an out-of-bounds array access, possibly due to an off-by-one error.... Read more

    Affected Products : ffmpeg
    • Published: Dec. 07, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0845

    libavcodec/alsdec.c in FFmpeg before 1.0.4 allows remote attackers to have an unspecified impact via a crafted block length, which triggers an out-of-bounds write.... Read more

    Affected Products : ffmpeg
    • Published: Dec. 07, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0732

    Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming table entries.... Read more

    Affected Products : pdf_reader
    • Published: Mar. 27, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-0593

    Unspecified vulnerability in the olch2x32 ActiveX control in IBM SPSS SamplePower 3.0 before 3.0-IM-S3SAMPC-WIN32-FP001 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : spss_samplepower
    • Published: Apr. 27, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-0150

    Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," al... Read more

    • Published: Aug. 09, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 294848 Results