Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2011-3290

    Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135.... Read more

    • Published: Sep. 21, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3101

    Google Chrome before 19.0.1084.46 on Linux does not properly mitigate an unspecified flaw in an NVIDIA driver, which has unknown impact and attack vectors. NOTE: see CVE-2012-3105 for the related MFSA 2012-34 issue in Mozilla products.... Read more

    Affected Products : linux_kernel chrome
    • Published: May. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3099

    Use-after-free vulnerability in the PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a malformed name for the font encoding.... Read more

    Affected Products : chrome
    • Published: May. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3097

    The PDF functionality in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging an out-of-bounds write error in the implementation of sampled functions.... Read more

    Affected Products : chrome
    • Published: May. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3086

    Use-after-free vulnerability in Google Chrome before 19.0.1084.46 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving a STYLE element.... Read more

    Affected Products : chrome
    • Published: May. 16, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3046

    The extension subsystem in Google Chrome before 17.0.963.78 does not properly handle history navigation, which allows remote attackers to execute arbitrary code by leveraging a "Universal XSS (UXSS)" issue.... Read more

    Affected Products : chrome opensuse iphone_os safari
    • Published: Mar. 09, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-3158

    Unspecified vulnerability in HP Data Protector Notebook Extension 6.20 and Data Protector for Personal Computers 7.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1226.... Read more

    • Published: Oct. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0491

    Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow atta... Read more

    • Published: Jan. 15, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2998

    Integer underflow in Mozilla Firefox 3.6.x before 3.6.23 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via JavaScript code containing a large RegExp expression.... Read more

    Affected Products : firefox
    • Published: Sep. 30, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2985

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 5, Thunderbird before 6, SeaMonkey 2.x before 2.3, and possibly other products allow remote attackers to cause a denial of service (memory corruption and application... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2982

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.6.20, Thunderbird 2.x and 3.x before 3.1.12, SeaMonkey 1.x and 2.x, and possibly other products allow remote attackers to cause a denial of service (memory corruption a... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2961

    Heap-based buffer overflow in AngelServer.exe 6.0.11.3 in Sunway pNetPower allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted UDP packet.... Read more

    Affected Products : pnetpower
    • Published: Jul. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2953

    An unspecified ActiveX control in the browser plugin in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5, RealPlayer SP 1.0 through 1.1.5, and RealPlayer Enterprise 2.0 through 2.1.5 allows remote attackers to execute arbitrary code via... Read more

    Affected Products : realplayer realplayer_sp
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0561

    Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567.... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • Published: Sep. 17, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2011-2959

    Stack-based buffer overflow in the Open Database Connectivity (ODBC) service (Odbcixv9se.exe) in 7-Technologies Interactive Graphical SCADA System (IGSS) 9 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbit... Read more

    Affected Products : igss
    • Published: Jul. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-4691

    The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Nov. 15, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2013-2726

    Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-20... Read more

    Affected Products : acrobat acrobat_reader
    • Published: May. 16, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2008-2641

    Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validatio... Read more

    Affected Products : acrobat_reader acrobat_3d
    • Published: Jun. 25, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-2822

    Google Chrome before 13.0.782.215 on Windows does not properly parse URLs located on the command line, which has unspecified impact and attack vectors.... Read more

    Affected Products : chrome windows
    • Published: Aug. 29, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-2681

    IBM Rational DOORS Web Access 1.4.x before 1.4.0.4 does not properly handle exceptions, which has unspecified impact and remote attack vectors.... Read more

    Affected Products : rational_doors_web_access
    • Published: Jul. 07, 2011
    • Modified: Apr. 11, 2025
Showing 20 of 293284 Results