Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2005-3344

    The default installation of Horde 3.0.4 contains an administrative account with a blank password, which allows remote attackers to gain access.... Read more

    Affected Products : horde
    • Published: Nov. 16, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2011-0065

    Use-after-free vulnerability in Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, allows remote attackers to execute arbitrary code via vectors related to OBJECT's mChannel.... Read more

    Affected Products : firefox seamonkey
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0073

    Mozilla Firefox before 3.5.19 and 3.6.x before 3.6.17, and SeaMonkey before 2.0.14, does not properly use nsTreeRange data structures, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "dangling pointer."... Read more

    Affected Products : firefox seamonkey
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0077

    Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before 3.1.10, and SeaMonkey before 2.0.14 allows remote attackers to cause a denial of service (memory corruption and application ... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: May. 07, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-6788

    The ObjectBackedNativeHandler class in extensions/renderer/object_backed_native_handler.cc in the extensions subsystem in Google Chrome before 47.0.2526.80 improperly implements handler functions, which allows remote attackers to cause a denial of service... Read more

    Affected Products : chrome
    • Published: Dec. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2007-6693

    Unspecified vulnerability in the WebCam module in Menalto Gallery before 2.2.4 has unknown impact and attack vectors related to a "proxied request."... Read more

    Affected Products : gallery_webcam_module
    • Published: Jan. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2012-3576

    Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to th... Read more

    Affected Products : wordpress wpstorecart
    • Published: Jun. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3561

    Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.... Read more

    Affected Products : opera_browser
    • Published: Jun. 14, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3506

    Unspecified vulnerability in the Apache Open For Business Project (aka OFBiz) 10.04.x before 10.04.03 has unknown impact and attack vectors.... Read more

    Affected Products : ofbiz open_for_business_project
    • Published: Oct. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2005-2541

    Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.... Read more

    Affected Products : tar
    • Published: Aug. 10, 2005
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2012-3416

    Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.... Read more

    Affected Products : condor
    • Published: Aug. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0474

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle Cascading Style Sheets (CSS) token sequences in conjunction with cursors, which allows remote attackers to cause a denial of service or possibly have unspecified othe... Read more

    Affected Products : debian_linux chrome chrome_os
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3262

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1464.... Read more

    Affected Products : sitescope
    • Published: Sep. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3278

    Stack-based buffer overflow in magentservice.exe in HP Diagnostics Server 8.x through 8.07 and 9.x through 9.21 allows remote attackers to execute arbitrary code via a malformed message packet.... Read more

    Affected Products : diagnostics_server
    • Published: Jan. 25, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3275

    Unspecified vulnerability in HP Network Node Manager i (NNMi) 9.1x and 9.20 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : network_node_manager_i
    • Published: Dec. 06, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3285

    Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1513.... Read more

    • Published: Feb. 06, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3259

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1461.... Read more

    Affected Products : sitescope
    • Published: Sep. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3260

    Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.... Read more

    Affected Products : sitescope
    • Published: Sep. 25, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-3258

    Unspecified vulnerability in HP Operations Orchestration 9.0 before 9.03 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : operations_orchestration
    • Published: Sep. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-1532

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier and 6 Update 35 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to De... Read more

    Affected Products : jdk jre jre jdk
    • Published: Oct. 16, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293280 Results