Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2010-2362

    Winny 2.0b7.1 and earlier does not properly process node information, which has unspecified impact and remote attack vectors that might lead to use of the product's host for DDoS attacks.... Read more

    Affected Products : winny
    • Published: Aug. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2300

    Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vec... Read more

    Affected Products : chrome
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2302

    Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors involving remote fonts in conjunction with shadow ... Read more

    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2272

    Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before 0.4.4 has unknown impact and remote attack vectors.... Read more

    Affected Products : dojo
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2019-8196

    Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation... Read more

    • Published: Oct. 17, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2009-0775

    Double free vulnerability in Mozilla Firefox before 3.0.7, Thunderbird before 2.0.0.21, and SeaMonkey before 1.1.15 allows remote attackers to execute arbitrary code via "cloned XUL DOM elements which were linked as a parent and child," which are not prop... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Mar. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-2217

    Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability."... Read more

    • Published: Aug. 11, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2193

    Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) WebScan ActiveX controls, as distributed on the CA Global Advisor web site until May 2009, allow remote attackers to execute arbitrary code via unknown vectors.... Read more

    • Published: Jun. 10, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-2105

    Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors.... Read more

    Affected Products : chrome
    • Published: May. 28, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-1523

    The __group_complete_signal function in the RCU signal handling (signal.c) in Linux kernel 2.6.16, and possibly other versions, has unknown impact and attack vectors related to improper use of BUG_ON.... Read more

    Affected Products : linux_kernel
    • Published: Apr. 12, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2010-2054

    Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitra... Read more

    Affected Products : sblim-sfcb
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    CRITICAL
    CVE-2025-2857

    Following the recent Chrome sandbox escape (CVE-2025-2783), various Firefox developers identified a similar pattern in our IPC code. A compromised child process could cause the parent process to return an unintentionally powerful handle, leading to a sand... Read more

    Affected Products : firefox firefox_esr
    • Published: Mar. 27, 2025
    • Modified: May. 01, 2025
    • Vuln Type: Authorization

  • 10.0

    HIGH
    CVE-2010-2028

    Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.... Read more

    Affected Products : tftputil_gui
    • Published: May. 24, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1988

    Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring o... Read more

    Affected Products : firefox windows_xp
    • Published: May. 20, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1961

    Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprin... Read more

    Affected Products : openview_network_node_manager
    • Published: Jun. 10, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1960

    Buffer overflow in the error handling functionality in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long, invalid option to jovgraph.exe.... Read more

    Affected Products : openview_network_node_manager
    • Published: Jun. 10, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1962

    Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.2.1.870.0 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : storageworks_storage_mirroring
    • Published: Jun. 07, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2006-2189

    SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: this issue can be used to trigger path disclosure. In addition, it might be primary to vector 1 i... Read more

    Affected Products : sblog
    • Published: May. 04, 2006
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2010-1937

    Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB before 1.3.8 might allow remote attackers to execute arbitrary code via a Content-Length HTTP header that specifies a value too small for the amount of POST data, aka bug #3001896.... Read more

    Affected Products : sblim-sfcb
    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1809

    The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors.... Read more

    Affected Products : iphone_os ipod_touch
    • Published: Sep. 09, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 292803 Results