Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2012-4149

    Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %19.38
    • Published: Aug. 15, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3963

    Use-after-free vulnerability in the js::gc::MapAllocToTraceKind function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to exec... Read more

    • EPSS Score: %2.31
    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3284

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1512.... Read more

    • EPSS Score: %31.62
    • Published: Feb. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2790

    Unspecified vulnerability in the read_var_block_data function in libavcodec/alsdec.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to the "number of decoded samples in first sub-... Read more

    Affected Products : ffmpeg libav
    • EPSS Score: %0.84
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2779

    Unspecified vulnerability in the decode_frame function in libavcodec/indeo5.c in FFmpeg before 0.11, and Libav 0.7.x before 0.7.7 and 0.8.x before 0.8.4, has unknown impact and attack vectors, related to an invalid "gop header" and decoding in a "half ini... Read more

    Affected Products : ffmpeg libav
    • EPSS Score: %1.44
    • Published: Sep. 10, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2653

    arpwatch 2.1a15, as used by Red Hat, Debian, Fedora, and possibly others, does not properly drop supplementary groups, which might allow attackers to gain root privileges by leveraging other vulnerabilities in the daemon.... Read more

    Affected Products : arpwatch
    • EPSS Score: %1.83
    • Published: Jul. 12, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1799

    The web server on the Siemens Scalance S Security Module firewall S602 V2, S612 V2, and S613 V2 with firmware before 2.3.0.3 does not limit the rate of authentication attempts, which makes it easier for remote attackers to obtain access via a brute-force ... Read more

    • EPSS Score: %1.01
    • Published: Apr. 18, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-2042

    Adobe Illustrator before CS6 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0780, CVE-2012-2023, CVE-2012-2024, CVE-2012-2025, and CVE-2012-2026.... Read more

    Affected Products : illustrator illustrator_cs5.5
    • EPSS Score: %6.60
    • Published: May. 24, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1531

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, 5.0 Update 36 and earlier, and 1.4.2_38 and earlier; and JavaFX 2.2 and earlier; allows remote attackers to affect... Read more

    Affected Products : jdk jre jre jdk javafx
    • EPSS Score: %9.28
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2995

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.23 and 4.x through 6, Thunderbird before 7.0, and SeaMonkey before 2.4 allow remote attackers to cause a denial of service (memory corruption and application crash) o... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %1.88
    • Published: Sep. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2987

    Heap-based buffer overflow in Almost Native Graphics Layer Engine (ANGLE), as used in the WebGL implementation in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products might allow remote attackers to ex... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %7.95
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2921

    ktsuss versions 1.4 and prior has the uid set to root and does not drop privileges prior to executing user specified commands, which can result in command execution with root privileges.... Read more

    Affected Products : ktsuss
    • EPSS Score: %71.59
    • Published: Nov. 19, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2767

    mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HT... Read more

    • EPSS Score: %4.88
    • Published: Aug. 26, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-2764

    The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows... Read more

    • EPSS Score: %5.78
    • Published: Aug. 04, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2455

    Adobe Flash Player before 10.3.183.11 and 11.x before 11.1.102.55 on Windows, Mac OS X, Linux, and Solaris and before 11.1.102.59 on Android, and Adobe AIR before 3.1.0.4880, allows attackers to execute arbitrary code or cause a denial of service (memory ... Read more

    • EPSS Score: %1.77
    • Published: Nov. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2374

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %4.00
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1966

    The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."... Read more

    Affected Products : windows_server_2008
    • EPSS Score: %65.82
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1849

    tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %11.81
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1732

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.... Read more

    Affected Products : openview_storage_data_protector
    • EPSS Score: %47.13
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1729

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.... Read more

    Affected Products : openview_storage_data_protector
    • EPSS Score: %43.82
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 291898 Results