Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-2374

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.18 and 4.x through 4.0.1, and Thunderbird before 3.1.11, allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %4.00
    • Published: Jun. 30, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1966

    The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."... Read more

    Affected Products : windows_server_2008
    • EPSS Score: %65.82
    • Published: Aug. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1849

    tftpserver.exe in HP Intelligent Management Center (IMC) 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request.... Read more

    Affected Products : intelligent_management_center
    • EPSS Score: %11.81
    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1732

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message.... Read more

    Affected Products : openview_storage_data_protector
    • EPSS Score: %47.13
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-1729

    Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GET_FILE message.... Read more

    Affected Products : openview_storage_data_protector
    • EPSS Score: %43.82
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0982

    Use-after-free vulnerability in Google Chrome before 9.0.597.94 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving SVG font faces.... Read more

    Affected Products : chrome
    • EPSS Score: %2.99
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4135

    Multiple directory traversal vulnerabilities in lmgrd in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allow remote attackers to execute arbitrary code via vectors related to save, rename, and load operations on log files. NOTE: th... Read more

    Affected Products : flexnet_publisher
    • EPSS Score: %10.61
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0264

    Stack-based buffer overflow in ovutil.dll in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long COOKIE variable.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %49.38
    • Published: Jan. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4744

    Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441.... Read more

    Affected Products : fedora abcm2ps
    • EPSS Score: %1.50
    • Published: Feb. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4714

    Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in th... Read more

    Affected Products : groupwise
    • EPSS Score: %2.52
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4467

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 10 through 6 Update 23 allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, an... Read more

    Affected Products : jre jdk
    • EPSS Score: %3.46
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3571

    Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previou... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %14.12
    • Published: Oct. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-3085

    The network-play implementation in Mednafen before 0.8.D might allow remote servers to execute arbitrary code via unspecified vectors, related to "stack manipulation" issues.... Read more

    Affected Products : mednafen
    • EPSS Score: %0.85
    • Published: Oct. 12, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2897

    Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %0.38
    • Published: Jul. 28, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-3677

    The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1, and Server 2008 Gold does not properly verify the credentials in an MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP... Read more

    • EPSS Score: %60.94
    • Published: Dec. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3381

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • EPSS Score: %6.19
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3079

    Unspecified vulnerability in Mozilla Firefox before 3.0.14, and 3.5.x before 3.5.3, allows remote attackers to execute arbitrary JavaScript with chrome privileges via vectors involving an object, the FeedWriter, and the BrowserFeedWriter.... Read more

    Affected Products : firefox
    • EPSS Score: %1.60
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2523

    The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequest... Read more

    Affected Products : windows_2000
    • EPSS Score: %11.46
    • Published: Nov. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1119

    Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.... Read more

    Affected Products : replistor emc_replistor
    • EPSS Score: %13.07
    • Published: Apr. 15, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0065

    Buffer overflow in net/sctp/sm_statefuns.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.28-git8 allows remote attackers to have an unknown impact via an FWD-TSN (aka FORWARD-TSN) chunk with a large strea... Read more

    Affected Products : linux_kernel
    • EPSS Score: %8.94
    • Published: Jan. 07, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 291520 Results