Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2010-4724

    Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have unknown impact and remote attack vectors.... Read more

    Affected Products : smarty
    • Published: Feb. 03, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4712

    Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) char... Read more

    Affected Products : groupwise
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4711

    Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.... Read more

    Affected Products : groupwise
    • Published: Jan. 31, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4744

    Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors, a different issue than CVE-2010-3441.... Read more

    Affected Products : fedora abcm2ps
    • Published: Feb. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-4524

    Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters.... Read more

    Affected Products : advantech_webaccess
    • Published: Feb. 21, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4511

    Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and attack vectors related to the "dynamic publishing error message."... Read more

    Affected Products : movable_type movabletype
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4557

    Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensys Foxboro I/A Series Batch 8.1 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary cod... Read more

    • Published: Dec. 17, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4473

    Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier allows remote attackers to affect confidentiality, integrity, and availabi... Read more

    Affected Products : jre sdk jdk
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4509

    Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 and 5.x before 5.04 have unknown impact and attack vectors related to the (1) mt:AssetProperty and (2) mt:EntryFlag tags.... Read more

    Affected Products : movable_type movabletype
    • Published: Dec. 09, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4435

    Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to CDE Calendar Manager Service Daemon and RPC. NOTE: the previous information was obtained from the January ... Read more

    Affected Products : sunos
    • Published: Jan. 19, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4452

    Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentialit... Read more

    Affected Products : jre jdk
    • Published: Feb. 17, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4308

    Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4309.... Read more

    Affected Products : shockwave_player
    • Published: Aug. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4309

    Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-4308.... Read more

    Affected Products : shockwave_player
    • Published: Aug. 11, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4229

    Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently ... Read more

    Affected Products : zenworks_configuration_management
    • Published: Apr. 18, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-2421

    Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.... Read more

    • Published: Apr. 16, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-4227

    The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based bu... Read more

    Affected Products : netware
    • Published: Feb. 25, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-4070

    Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote att... Read more

    Affected Products : informix_dynamic_server
    • Published: Oct. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-4450

    IBM WebSphere Application Server 8.5 and 9.0 traditional could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects. IBM X-Force ID: 181231.... Read more

    Affected Products : websphere_application_server
    • Published: Jun. 05, 2020
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2011-4501

    The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 ... Read more

    • Published: Nov. 22, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2016-2315

    revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow.... Read more

    • Published: Apr. 08, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 293289 Results