Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-0742

    Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400.... Read more

    Affected Products : zenworks_handheld_management
    • EPSS Score: %39.73
    • Published: Feb. 02, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0485

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle speech data, which allows remote attackers to execute arbitrary code via unspecified vectors that lead to a "stale pointer."... Read more

    Affected Products : chrome chrome_os
    • EPSS Score: %6.78
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0266

    Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %78.81
    • Published: Jan. 13, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4508

    The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform proxy upgrade negotiation, which has unspecified impact and remote attack vectors, related to an "inherent problem" with the WebSocket specification.... Read more

    Affected Products : firefox
    • EPSS Score: %0.48
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4586

    The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecified impact and remote attack vectors, possibly a related issue to CVE-2010-4508.... Read more

    Affected Products : opera_browser
    • EPSS Score: %0.46
    • Published: Dec. 22, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2298

    browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does not properly handle ViewHostMsg_DatabaseOpenFile messages in chroot-based sandboxing, which allows remote attackers to bypass intended sandbox restrictions ... Read more

    Affected Products : linux_kernel chrome
    • EPSS Score: %0.41
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1554

    Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.... Read more

    Affected Products : openview_network_node_manager
    • EPSS Score: %83.37
    • Published: May. 13, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0270

    The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields in SMB transaction responses, which allows remote SMB servers and man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory... Read more

    Affected Products : windows_7 windows_server_2008
    • EPSS Score: %81.39
    • Published: Apr. 14, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-2722

    Multiple unspecified vulnerabilities in the Provider class in Sun Java SE 5.0 before Update 20 have unknown impact and attack vectors, aka BugId 6429594. NOTE: this issue exists because of an incorrect fix for BugId 6406003.... Read more

    Affected Products : java_se
    • EPSS Score: %4.20
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2688

    Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the p... Read more

    Affected Products : xemacs
    • EPSS Score: %3.66
    • Published: Aug. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2463

    Multiple integer overflows in the (1) PL_Base64Decode and (2) PL_Base64Encode functions in nsprpub/lib/libc/src/base64.c in Mozilla Firefox before 3.0.12, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %4.17
    • Published: Jul. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1930

    The Telnet service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote Telnet servers to execute arbitrary code on a client machine by replaying the NTLM credentials of a cli... Read more

    • EPSS Score: %46.18
    • Published: Aug. 12, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1382

    Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags.... Read more

    Affected Products : mimetex
    • EPSS Score: %11.76
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0841

    Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.... Read more

    Affected Products : mapserver mapserver
    • EPSS Score: %0.79
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0839

    Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a q... Read more

    Affected Products : mapserver mapserver
    • EPSS Score: %8.32
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0353

    Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via v... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %6.78
    • Published: Feb. 04, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6393

    PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an in... Read more

    Affected Products : psi jabber_client
    • EPSS Score: %25.46
    • Published: Mar. 03, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6079

    imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer o... Read more

    Affected Products : imlib2
    • EPSS Score: %2.66
    • Published: Feb. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5616

    Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.... Read more

    Affected Products : mplayer
    • EPSS Score: %30.64
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5414

    Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken."... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %1.27
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025
Showing 20 of 291360 Results