Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    CRITICAL
    CVE-2020-28632

    Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker ca... Read more

    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2007-0219

    Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CV... Read more

    • Published: Feb. 13, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2007-0480

    Cisco IOS 9.x, 10.x, 11.x, and 12.x and IOS XR 2.0.x, 3.0.x, and 3.2.x allows remote attackers to cause a denial of service or execute arbitrary code via a crafted IP option in the IP header in a (1) ICMP, (2) PIMv2, (3) PGM, or (4) URD packet.... Read more

    Affected Products : ios_transmission_control_protocol
    • Published: Jan. 25, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-0644

    Use-after-free vulnerability in Adobe Flash Player before 10.3.183.63 and 11.x before 11.6.602.168 on Windows, before 10.3.183.61 and 11.x before 11.6.602.167 on Mac OS X, before 10.3.183.61 and 11.x before 11.2.202.270 on Linux, before 11.1.111.43 on And... Read more

    • Published: Feb. 12, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4254

    RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via a crafted RTSP SETUP request.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4246

    The AAC codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4256

    The RV30 codec in RealNetworks RealPlayer before 15.0.0 and Mac RealPlayer before 12.0.0.1703 does not initialize an unspecified index value, which allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4249

    Array index error in the RV30 codec in RealNetworks RealPlayer before 15.0.0 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : realplayer
    • Published: Nov. 24, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4187

    Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173.... Read more

    Affected Products : windows iprint
    • Published: Feb. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4161

    The default configuration of the HP CM8060 Color MFP with Edgeline; Color LaserJet 3xxx, 4xxx, 5550, 9500, CMxxxx, CPxxxx, and Enterprise CPxxxx; Digital Sender 9200c and 9250c; LaserJet 4xxx, 5200, 90xx, Mxxxx, and Pxxxx; and LaserJet Enterprise 500 colo... Read more

    • Published: Dec. 01, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-5129

    Heap-based buffer overflow in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to execu... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-4163

    Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1213.... Read more

    Affected Products : database_archiving_software
    • Published: Dec. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4134

    Heap-based buffer overflow in lmadmin in Flexera FlexNet Publisher 11.10 (aka FlexNet License Server Manager) allows remote attackers to execute arbitrary code via a crafted 0x2f packet.... Read more

    Affected Products : flexnet_publisher
    • Published: Jan. 19, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4164

    Unspecified vulnerability in HP Database Archiving Software 6.31 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1214.... Read more

    Affected Products : database_archiving_software
    • Published: Dec. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4124

    Input validation issues were found in Calibre at devices/linux_mount_helper.c which can lead to argument injection and elevation of privileges.... Read more

    Affected Products : calibre
    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-4125

    A untrusted search path issue was found in Calibre at devices/linux_mount_helper.c leading to the ability of unprivileged users to execute any program as root.... Read more

    Affected Products : calibre
    • Published: Oct. 27, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-4185

    The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than ... Read more

    Affected Products : windows iprint
    • Published: Feb. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-2723

    Unspecified vulnerability in deserialization in the Provider class in Sun Java SE 5.0 before Update 20 has unknown impact and attack vectors, aka BugId 6444262.... Read more

    Affected Products : java_se
    • Published: Aug. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-4051

    CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and pro... Read more

    Affected Products : web_studio indusoft_web_studio
    • Published: Dec. 05, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4041

    webvrpcs.exe in Advantech/BroadWin WebAccess allows remote attackers to execute arbitrary code or obtain a security-code value via a long string in an RPC request to TCP port 4592.... Read more

    Affected Products : webaccess
    • Published: Feb. 06, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293280 Results