Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2010-1574

    IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuratio... Read more

    Affected Products : ios industrial_ethernet_3000
    • Published: Jul. 08, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2015-5551

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and before 11.2.202.508 on Linux, Adobe AIR before 18.0.0.199, Adobe AIR SDK before 18.0.0.199, and Adobe AIR SDK & Compiler before 18.0.0.199 allows attackers to exe... Read more

    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2010-1505

    Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privileges, which has unknown impact and attack vectors.... Read more

    Affected Products : chrome
    • Published: Apr. 23, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1517

    The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary programs onto a client system, and execute these programs, via vectors involving the dl method; and (2) download arbitrary programs onto a client system via v... Read more

    Affected Products : dldrv2_activex_control
    • Published: Aug. 02, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-5127

    Directory traversal vulnerability in Blue Coat Reporter 9.x before 9.2.4.13, 9.2.5.x before 9.2.5.1, and 9.3 before 9.3.1.2 on Windows allows remote attackers to read arbitrary files, and consequently execute arbitrary code, via an unspecified HTTP reques... Read more

    Affected Products : windows reporter
    • Published: Aug. 26, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1462

    Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors via the sub parameter.... Read more

    Affected Products : shop-script
    • Published: Apr. 16, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1318

    Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks Helix Server and Helix Mobile Server 11.x through 13.x and other products, allows remote attackers to execute arbitrary code via unspecified vec... Read more

    • Published: Apr. 20, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1349

    Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.... Read more

    Affected Products : opera_browser windows
    • Published: Apr. 12, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1185

    Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained ... Read more

    Affected Products : maxdb
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1223

    Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary code via (1) a malformed request to the ws_man/xosoapapi.asmx SOAP endpoint or (2) a long string to the entry_point.aspx service.... Read more

    • Published: Apr. 07, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1120

    Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by Charlie Miller during a Pwn2Own competition at CanSecWest 2010.... Read more

    Affected Products : mac_os_x safari
    • Published: Mar. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1121

    Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved from one document to another, which allows remote attackers to conduct use-after-free attacks and execute arbitrary code via unspecified vectors involving i... Read more

    Affected Products : firefox
    • Published: Mar. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-1118

    Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to execute arbitrary code via unknown vectors, possibly related to a use-after-free issue, as demonstrated by Peter Vreugdenhil during a Pwn2Own competition at... Read more

    Affected Products : windows_7 internet_explorer
    • Published: Mar. 25, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0998

    Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 allow remote attackers to execute arbitrary code via vectors involving (1) the folders feature in Site Explorer, (2) the websites feature in Site Explorer, (3) an FTP URI,... Read more

    Affected Products : free_download_manager
    • Published: May. 17, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0990

    Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used in Creative Software AutoUpdate 1.40.01, allows remote attackers to execute arbitrary code via vectors related to the BrowseFolder method.... Read more

    • Published: Jun. 15, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2007-6048

    IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.... Read more

    • Published: Nov. 20, 2007
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2010-0898

    Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : secure_backup
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2010-0873

    Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.... Read more

    Affected Products : timesten_in-memory_database
    • Published: Jul. 13, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2020-14343

    A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the l... Read more

    • Published: Feb. 09, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2012-1972

    Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attac... Read more

    • Published: Aug. 29, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293510 Results