Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2010-3117

    Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows remote attackers to cause a denial of service (application crash) and possibly have unspecified other impact via unknown vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %0.99
    • Published: Aug. 24, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0174

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4; and SeaMonkey before 2.0.4 allow remote attackers to cause a denial of service (memory corru... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %4.23
    • Published: Apr. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0159

    The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before 3.0.2, and SeaMonkey before 2.0.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbit... Read more

    • EPSS Score: %2.15
    • Published: Feb. 22, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0108

    Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll) in Symantec AntiVirus 10.0.x, 10.1.x before MR9, and 10.2.x before MR4; and Symantec Client Security 3.0.x and 3.1.x before MR9 allows remote attackers t... Read more

    • EPSS Score: %12.62
    • Published: Feb. 19, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-3575

    Buffer overflow in DHTRoutingTableDeserializer.cc in aria2 0.15.3, 1.2.0, and other versions allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : aria2
    • EPSS Score: %3.32
    • Published: Oct. 07, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3069

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.3 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.... Read more

    Affected Products : firefox
    • EPSS Score: %5.84
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2689

    JDK13Services.getProviders in Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, grants full privileges to instances of unspecified object types, which allows context-dependent attackers to bypass intended access restrictions via an unt... Read more

    Affected Products : openjdk java_se
    • EPSS Score: %7.93
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0928

    Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecif... Read more

    Affected Products : acrobat acrobat_reader
    • EPSS Score: %11.41
    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0840

    Heap-based buffer underflow in the readPostBody function in cgiutil.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to have an unknown impact via a negative value in the Content-Length HTTP header.... Read more

    Affected Products : mapserver mapserver
    • EPSS Score: %2.70
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5355

    The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and JRE 1.4.2_18 and earlier does not verify the signature of the JRE that is downloaded, which allows... Read more

    Affected Products : jre sdk jdk
    • EPSS Score: %17.77
    • Published: Dec. 05, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4619

    The RPC subsystem in Sun Solaris 9 allows remote attackers to cause a denial of service (daemon crash) via a crafted request to procedure 8 in program 100000 (rpcbind), related to the XDR_DECODE operation and the taddr2uaddr function. NOTE: this might be... Read more

    Affected Products : solaris sunos
    • EPSS Score: %8.93
    • Published: Oct. 21, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4293

    Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other appl... Read more

    Affected Products : opera opera_browser windows
    • EPSS Score: %6.35
    • Published: Sep. 27, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4220

    Integer overflow in the inet_net_pton API in Libsystem in Apple Mac OS X before 10.5.6 allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors. NOTE: this may be related to the... Read more

    Affected Products : mac_os_x mac_os_x_server
    • EPSS Score: %0.89
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4070

    Heap-based buffer overflow in Mozilla Thunderbird before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long header in a news article, related to "canc... Read more

    Affected Products : thunderbird seamonkey
    • EPSS Score: %1.72
    • Published: Sep. 27, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4064

    Multiple unspecified vulnerabilities in Mozilla Firefox 3.x before 3.0.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to graphics rendering and (1) han... Read more

    Affected Products : firefox
    • EPSS Score: %2.32
    • Published: Sep. 24, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3914

    Multiple unspecified vulnerabilities in ClamAV before 0.94 have unknown impact and attack vectors related to file descriptor leaks on the "error path" in (1) libclamav/others.c and (2) libclamav/sis.c.... Read more

    Affected Products : clamav
    • EPSS Score: %2.01
    • Published: Sep. 11, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3696

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMw... Read more

    Affected Products : player server workstation ace
    • EPSS Score: %1.66
    • Published: Sep. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3529

    Heap-based buffer overflow in the xmlParseAttValueComplex function in parser.c in libxml2 before 2.7.0 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a long XML entity name.... Read more

    • EPSS Score: %58.86
    • Published: Sep. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2811

    The block reflow implementation in Mozilla Firefox before 2.0.0.15, Thunderbird 2.0.0.14 and earlier, and SeaMonkey before 1.1.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image whose display... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %26.86
    • Published: Jul. 07, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2403

    Multiple directory traversal vulnerabilities in unspecified ASP applications in Sun Java Active Server Pages (ASP) Server before 4.0.3 allow remote attackers to read or delete arbitrary files via a .. (dot dot) in the Path parameter to the MapPath method.... Read more

    Affected Products : java_asp_server
    • EPSS Score: %1.00
    • Published: Jun. 04, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291385 Results