Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-1382

    Multiple stack-based buffer overflows in mimetex.cgi in mimeTeX, when downloaded before 20090713, allow remote attackers to execute arbitrary code via a TeX file with long (1) picture, (2) circle, or (3) input tags.... Read more

    Affected Products : mimetex
    • EPSS Score: %11.76
    • Published: Jul. 14, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0841

    Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. (dot dot) in the id parameter.... Read more

    Affected Products : mapserver mapserver
    • EPSS Score: %0.79
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0839

    Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a q... Read more

    Affected Products : mapserver mapserver
    • EPSS Score: %8.32
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-0353

    Unspecified vulnerability in Mozilla Firefox 3.x before 3.0.6, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via v... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %6.78
    • Published: Feb. 04, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6393

    PSI Jabber client before 0.12.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a file transfer request with a negative value in a SOCKS5 option, which bypasses a signed integer check and triggers an in... Read more

    Affected Products : psi jabber_client
    • EPSS Score: %25.46
    • Published: Mar. 03, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-6079

    imlib2 before 1.4.2 allows context-dependent attackers to have an unspecified impact via a crafted (1) ARGB, (2) BMP, (3) JPEG, (4) LBM, (5) PNM, (6) TGA, or (7) XPM file, related to "several heap and stack based buffer overflows - partly due to integer o... Read more

    Affected Products : imlib2
    • EPSS Score: %2.66
    • Published: Feb. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5616

    Stack-based buffer overflow in the demux_open_vqf function in libmpdemux/demux_vqf.c in MPlayer 1.0 rc2 before r28150 allows remote attackers to execute arbitrary code via a malformed TwinVQ file.... Read more

    Affected Products : mplayer
    • EPSS Score: %30.64
    • Published: Dec. 17, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-5414

    Unspecified vulnerability in the Feature Pack for Web Services in the Web Services Security component in IBM WebSphere Application Server (WAS) 7 before 7.0.0.1 has unknown impact and attack vectors related to "userNameToken."... Read more

    Affected Products : websphere_application_server
    • EPSS Score: %1.27
    • Published: Dec. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4867

    Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.... Read more

    Affected Products : mplayer ffmpeg
    • EPSS Score: %3.18
    • Published: Nov. 01, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4292

    Opera before 9.52 does not check the CRL override upon encountering a certificate that lacks a CRL, which has unknown impact and attack vectors. NOTE: it is not clear whether this is a vulnerability, but the vendor included it in a security section of th... Read more

    Affected Products : opera_browser
    • EPSS Score: %3.12
    • Published: Sep. 27, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4211

    Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and exe... Read more

    Affected Products : mac_os_x mac_os_x_server iphone_os
    • EPSS Score: %13.96
    • Published: Oct. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3533

    Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated ... Read more

    Affected Products : yelp gnome
    • EPSS Score: %12.74
    • Published: Aug. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3257

    Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POS... Read more

    • EPSS Score: %78.22
    • Published: Jul. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2214

    Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.... Read more

    Affected Products : snmpc
    • EPSS Score: %22.79
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0671

    Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.... Read more

    Affected Products : tintin\+\+ wintin\+\+
    • EPSS Score: %15.71
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0356

    Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary ... Read more

    • EPSS Score: %73.33
    • Published: Jan. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0065

    Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles.... Read more

    Affected Products : nullsoft_winamp
    • EPSS Score: %72.36
    • Published: Jan. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6610

    unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when u... Read more

    Affected Products : unp
    • EPSS Score: %0.93
    • Published: Jan. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5083

    Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow.... Read more

    • EPSS Score: %38.07
    • Published: Oct. 01, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-4992

    Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050.... Read more

    Affected Products : firebird firebird
    • EPSS Score: %19.89
    • Published: Oct. 11, 2007
    • Modified: Apr. 09, 2025
Showing 20 of 292189 Results