Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2018-12851

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-12797

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user... Read more

    • Published: Jul. 20, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-6171

    includes/bootstrap.inc in Drupal 5.x before 5.12 and 6.x before 6.6, when the server is configured for "IP-based virtual hosts," allows remote attackers to include and execute arbitrary files via the HTTP Host header.... Read more

    Affected Products : drupal
    • Published: Feb. 19, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-6070

    Multiple heap-based buffer underflows in the ReadPALMImage function in coders/palm.c in GraphicsMagick before 1.2.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted PALM image, a different vulner... Read more

    Affected Products : graphicsmagick
    • Published: Feb. 10, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-5398

    Tor before 0.2.0.32 does not properly process the ClientDNSRejectInternalAddresses configuration option in situations where an exit relay issues a policy-based refusal of a stream, which allows remote exit relays to have an unknown impact by mapping an in... Read more

    Affected Products : tor tor
    • Published: Dec. 09, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-12769

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-5260

    Heap-based buffer overflow in the CamImage.CamImage.1 ActiveX control in AxisCamControl.ocx in AXIS Camera Control 2.40.0.0 allows remote attackers to execute arbitrary code via a long image_pan_tilt property value.... Read more

    Affected Products : axis_camera_control
    • Published: Jan. 26, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2018-12759

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-4841

    The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, a... Read more

    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4827

    Multiple heap-based buffer overflows in the AddTab method in the (1) Tab and (2) CTab ActiveX controls in c1sizer.ocx and the (3) TabOne ActiveX control in sizerone.ocx in ComponentOne SizerOne 8.0.20081.140, as used in ComponentOne Studio for ActiveX 200... Read more

    Affected Products : sizerone sap_gui tabone tsc2_help_desk
    • Published: Jan. 08, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4453

    The GdPicture (1) Light Imaging Toolkit 4.7.1 GdPicture4S.Imaging ActiveX control (gdpicture4s.ocx) 4.7.0.1 and (2) Pro Imaging SDK 5.7.1 GdPicturePro5S.Imaging ActiveX control (gdpicturepro5s.ocx) 5.7.0.1 allows remote attackers to create, overwrite, and... Read more

    • Published: Oct. 06, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-4420

    Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other pro... Read more

    • Published: Apr. 13, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3807

    Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community a... Read more

    Affected Products : ios
    • Published: Sep. 26, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3704

    Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and... Read more

    • Published: Aug. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3628

    Apple QuickTime before 7.5.5 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT image, related to an "invalid pointer issue."... Read more

    Affected Products : quicktime windows
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3477

    Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file con... Read more

    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3472

    Microsoft Internet Explorer 6 and 7 does not properly determine the domain or security zone of origin of web script, which allows remote attackers to bypass the intended cross-domain security policy, and execute arbitrary code or obtain sensitive informat... Read more

    • Published: Oct. 15, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3167

    Multiple PHP remote file inclusion vulnerabilities in BoonEx Dolphin 6.1.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the (1) dir[plugins] parameter to (a) HTMLSax3.php and (b) safehtml.php in plug... Read more

    Affected Products : dolphin
    • Published: Jul. 14, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3066

    Stack-based buffer overflow in a certain ActiveX control in rjbdll.dll in RealNetworks RealPlayer Enterprise, RealPlayer 10, and RealPlayer 10.5 before build 6.0.12.1675 allows remote attackers to execute arbitrary code by importing a file into a media li... Read more

    Affected Products : realplayer
    • Published: Jul. 28, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3020

    Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."... Read more

    Affected Products : office works office_converter_pack
    • Published: Aug. 12, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 294850 Results