Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-3351

    Multiple unspecified vulnerabilities in the Node Browser module for Drupal have unknown impact and attack vectors.... Read more

    Affected Products : drupal node_browser_module
    • EPSS Score: %0.39
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3379

    Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE... Read more

    Affected Products : firefox
    • EPSS Score: %5.15
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3169

    Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission Server/FTP before 09-00 allow remote attackers to execute arbitrary code via unknown attack vectors.... Read more

    Affected Products : jp1_file_transmission_server
    • EPSS Score: %3.23
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3179

    Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as ide... Read more

    Affected Products : altiris_deployment_solution
    • EPSS Score: %6.63
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3102

    The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.... Read more

    Affected Products : zrm_for_my_sql
    • EPSS Score: %6.45
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3072

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and applica... Read more

    Affected Products : firefox
    • EPSS Score: %4.69
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3103

    Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system cra... Read more

    Affected Products : windows_server_2008 windows_vista
    • EPSS Score: %92.94
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3032

    Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to exe... Read more

    • EPSS Score: %1.90
    • Published: Mar. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-2935

    Google V8, as used in Google Chrome before 2.0.172.43, allows remote attackers to bypass intended restrictions on reading memory, and possibly obtain sensitive information or execute arbitrary code in the Chrome sandbox, via crafted JavaScript.... Read more

    Affected Products : chrome
    • EPSS Score: %2.04
    • Published: Aug. 27, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2753

    Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow rem... Read more

    Affected Products : informix_dynamic_server
    • EPSS Score: %23.22
    • Published: Mar. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-2754

    Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Leg... Read more

    • EPSS Score: %30.96
    • Published: Mar. 05, 2010
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-2741

    Unspecified vulnerability in the wberuntimeear application in the test servlet in IBM WebSphere Business Events 6.1 and 6.2 allows remote attackers to execute arbitrary code via unknown vectors.... Read more

    Affected Products : websphere_business_events
    • EPSS Score: %2.68
    • Published: Sep. 18, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2667

    Unspecified vulnerability in IBM Tivoli Key Lifecycle Manager (TKLM) 1.0 has unknown impact and attack vectors, related to a "password security vulnerability."... Read more

    Affected Products : tklm
    • EPSS Score: %0.51
    • Published: Aug. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2675

    Integer overflow in the unpack200 utility in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15, and JDK and JRE 5.0 before Update 20, allows context-dependent attackers to gain privileges via unspecified length fields in the header of a... Read more

    Affected Products : jre jdk
    • EPSS Score: %6.84
    • Published: Aug. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2505

    The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute arbitr... Read more

    Affected Products : windows_server_2008 windows_vista
    • EPSS Score: %47.85
    • Published: Dec. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-4369

    Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x thro... Read more

    • EPSS Score: %13.04
    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-2468

    Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long ... Read more

    Affected Products : firefox
    • EPSS Score: %23.74
    • Published: Jul. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2462

    The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronou... Read more

    Affected Products : firefox thunderbird
    • EPSS Score: %5.33
    • Published: Jul. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2464

    The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrar... Read more

    Affected Products : firefox thunderbird seamonkey
    • EPSS Score: %19.94
    • Published: Jul. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2317

    The Axesstel MV 410R has a certain default administrator password, and does not force a password change, which makes it easier for remote attackers to obtain access.... Read more

    Affected Products : mv_410r
    • EPSS Score: %0.88
    • Published: Jul. 05, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 292319 Results