Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2008-4867

    Buffer overflow in libavcodec/dca.c in FFmpeg 0.4.9 before r14917, as used by MPlayer, allows context-dependent attackers to have an unknown impact via vectors related to an incorrect DCA_MAX_FRAME_SIZE value.... Read more

    Affected Products : mplayer ffmpeg
    • EPSS Score: %3.18
    • Published: Nov. 01, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4292

    Opera before 9.52 does not check the CRL override upon encountering a certificate that lacks a CRL, which has unknown impact and attack vectors. NOTE: it is not clear whether this is a vulnerability, but the vendor included it in a security section of th... Read more

    Affected Products : opera_browser
    • EPSS Score: %3.12
    • Published: Sep. 27, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-4211

    Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and exe... Read more

    Affected Products : mac_os_x mac_os_x_server iphone_os
    • EPSS Score: %13.96
    • Published: Oct. 10, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3533

    Format string vulnerability in the window_error function in yelp-window.c in yelp in Gnome after 2.19.90 and before 2.24 allows remote attackers to execute arbitrary code via format string specifiers in an invalid URI on the command line, as demonstrated ... Read more

    Affected Products : yelp gnome
    • EPSS Score: %12.74
    • Published: Aug. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-3257

    Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POS... Read more

    • EPSS Score: %78.22
    • Published: Jul. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-2214

    Stack-based buffer overflow in the Network Manager in Castle Rock Computing SNMPc 7.1 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long community string in an SNMP TRAP packet.... Read more

    Affected Products : snmpc
    • EPSS Score: %22.79
    • Published: May. 14, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0671

    Stack-based buffer overflow in the add_line_buffer function in TinTin++ 1.97.9 and WinTin++ 1.97.9 allows remote attackers to execute arbitrary code via a long chat message, related to conversion from LF to CRLF.... Read more

    Affected Products : tintin\+\+ wintin\+\+
    • EPSS Score: %15.71
    • Published: Feb. 12, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0356

    Buffer overflow in the Independent Management Architecture (IMA) service in Citrix Presentation Server (MetaFrame Presentation Server) 4.5 and earlier, Access Essentials 2.0 and earlier, and Desktop Server 1.0 allows remote attackers to execute arbitrary ... Read more

    • EPSS Score: %73.33
    • Published: Jan. 18, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2008-0065

    Multiple stack-based buffer overflows in in_mp3.dll in Winamp 5.21, 5.5, and 5.51 allow remote attackers to execute arbitrary code via a long (1) artist or (2) name tag in Ultravox streaming metadata, related to construction of stream titles.... Read more

    Affected Products : nullsoft_winamp
    • EPSS Score: %72.36
    • Published: Jan. 22, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-6610

    unp 1.0.12, and other versions before 1.0.14, does not properly escape file names, which might allow context-dependent attackers to execute arbitrary commands via shell metacharacters in a filename argument. NOTE: this might only be a vulnerability when u... Read more

    Affected Products : unp
    • EPSS Score: %0.93
    • Published: Jan. 03, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-5083

    Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow.... Read more

    • EPSS Score: %38.07
    • Published: Oct. 01, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-4992

    Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050.... Read more

    Affected Products : firebird firebird
    • EPSS Score: %19.89
    • Published: Oct. 11, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-4074

    The default configuration of Centre for Speech Technology Research (CSTR) Festival 1.95 beta (aka 2.0 beta) on Gentoo Linux, SUSE Linux, and possibly other distributions, is run locally with elevated privileges without requiring authentication, which allo... Read more

    Affected Products : suse_linux gentoo_linux
    • EPSS Score: %1.41
    • Published: Jul. 30, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3488

    Heap-based buffer overflow in the viewer ActiveX control in Sony Network Camera SNC-RZ25N before 1.30; SNC-P1 and SNC-P5 before 1.29; SNC-CS10 and SNC-CS11 before 1.06; SNC-DF40N and SNC-DF70N before 1.18; SNC-RZ50N and SNC-CS50N before 2.22; SNC-DF85N, S... Read more

    Affected Products : sony_network_camera_snc-p5
    • EPSS Score: %24.04
    • Published: Jun. 29, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-3093

    Unspecified vulnerability in the logging mechanism in Solaris Management Console (SMC) on Sun Solaris 8 through 10 before 20070605 allows remote attackers to execute arbitrary code via unspecified vectors, related to the WBEM server.... Read more

    Affected Products : solaris sunos
    • EPSS Score: %14.06
    • Published: Jun. 06, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-2139

    Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, ... Read more

    • EPSS Score: %83.80
    • Published: Apr. 25, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0061

    The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before ... Read more

    • EPSS Score: %14.67
    • Published: Sep. 21, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-6076

    Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.... Read more

    • EPSS Score: %76.04
    • Published: Nov. 24, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-3738

    Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.... Read more

    Affected Products : openssl
    • EPSS Score: %67.23
    • Published: Sep. 28, 2006
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2006-3632

    Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the NFS dissector.... Read more

    Affected Products : enterprise_linux ethereal
    • EPSS Score: %5.01
    • Published: Jul. 21, 2006
    • Modified: Apr. 03, 2025
Showing 20 of 291360 Results