Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2018-15414

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected softwa... Read more

    • Published: Oct. 05, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-4790

    Unspecified vulnerability in HP Network Automation 7.5x, 7.6x, 9.0, and 9.10 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : network_automation
    • Published: Feb. 02, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4786

    A certain ActiveX control in HPTicketMgr.dll in HP Easy Printer Care Software 2.5 and earlier allows remote attackers to download an arbitrary program onto a client machine, and execute this program, via unspecified vectors, a different vulnerability than... Read more

    Affected Products : easy_printer_care_software
    • Published: Jan. 12, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4261

    RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted video dimensions in an MP4 file.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-4248

    RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a malformed AAC file.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2018-15421

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected softwa... Read more

    • Published: Oct. 05, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-4047

    The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access.... Read more

    • Published: Nov. 12, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3587

    Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p_ class in OFS/misc_.py and the use of Python modules.... Read more

    Affected Products : plone zope
    • Published: Oct. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3411

    Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect handling of values in memory, aka "Publisher Invalid Pointer Vulnerability."... Read more

    Affected Products : publisher
    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3396

    Untrusted search path vulnerability in Microsoft PowerPoint 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "PowerPoint Insecure Library Loading Vulnerability."... Read more

    Affected Products : powerpoint
    • Published: Dec. 14, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-3251

    Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted TKHD atoms in a QuickTime movie file.... Read more

    • Published: Oct. 28, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2952

    Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via vectors related to a di... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2948

    RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, RealPlayer Enterprise 2.0 through 2.1.5, and Mac RealPlayer 12.0.0.1569 do not properly handle DEFINEFONT fields in SWF files, which allows remote attack... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2656

    Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2655.... Read more

    Affected Products : zenworks_handheld_management
    • Published: Oct. 24, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2386

    VisiWaveReport.exe in AZO Technologies, Inc. VisiWave Site Survey before 2.1.9 allows user-assisted remote attackers to execute arbitrary code via a (1) vws and (2) vwr file with an invalid Type property, which triggers an untrusted pointer dereference.... Read more

    Affected Products : site_survey
    • Published: Jun. 08, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2217

    Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastruct... Read more

    • Published: Jun. 06, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2128

    Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2117, CVE-2011-2124, and CVE-2011-2127.... Read more

    Affected Products : shockwave_player
    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2040

    The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.5.3041, and 3.0.x before 3.0.629, on Linux and Mac OS X downloads a client executable file (vpndownloader.exe) without verifying its authenticity, ... Read more

    • Published: Jun. 02, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2001

    Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an attempted access to a virtual function table after corruption of this table has occurred, aka "Virtual Funct... Read more

    • Published: Oct. 12, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-1995

    Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that was not properly initialized, aka "OLEAuto32.dll Remote Code Execution Vulnerability."... Read more

    • Published: Oct. 12, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 294848 Results