Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-3844

    Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet.... Read more

    • Published: Dec. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2014-1544

    Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execut... Read more

    • Published: Jul. 23, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2007-6148

    Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requ... Read more

    • Published: Feb. 13, 2008
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3663

    Format string vulnerability in the h_readrequest function in http.c in httpdx Web Server 1.4 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in the Host header.... Read more

    Affected Products : httpdx
    • Published: Oct. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3637

    Stack-based buffer overflow in the M_AddToServerList function in client/menu.c in Red Planet Arena Alien Arena 7.30 allows remote attackers to execute arbitrary code via a packet with a crafted server description to UDP port 27901 followed by a packet wit... Read more

    Affected Products : alien_arena
    • Published: Jan. 13, 2010
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3711

    Stack-based buffer overflow in the h_handlepeer function in http.cpp in httpdx 1.4, and possibly 1.4.3, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.... Read more

    Affected Products : httpdx
    • Published: Oct. 16, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3570

    Unspecified vulnerability in OpenOffice.org (OOo) has unspecified impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.9. NOTE: as of 20091005, this disclosure has no actionable information. However, beca... Read more

    Affected Products : openoffice.org
    • Published: Oct. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-1999-0238

    php.cgi allows attackers to read any file on the system.... Read more

    Affected Products : php
    • Published: Aug. 01, 1997
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2009-3346

    Unspecified vulnerability in SAP Crystal Reports Server 2008 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure... Read more

    Affected Products : crystal_reports_server
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3345

    Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information.... Read more

    Affected Products : crystal_reports_server
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3350

    Multiple unspecified vulnerabilities in the Subdomain Manager module for Drupal have unknown impact and attack vectors.... Read more

    Affected Products : drupal subdomain_manager
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3371

    Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code by creating JavaScript web-workers recursively.... Read more

    Affected Products : firefox
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3351

    Multiple unspecified vulnerabilities in the Node Browser module for Drupal have unknown impact and attack vectors.... Read more

    Affected Products : drupal node_browser_module
    • Published: Sep. 24, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3379

    Multiple unspecified vulnerabilities in libvorbis, as used in Mozilla Firefox 3.5.x before 3.5.4, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. NOTE: this might overlap CVE... Read more

    Affected Products : firefox
    • Published: Oct. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3169

    Multiple unspecified vulnerabilities in Hitachi JP1/File Transmission Server/FTP before 09-00 allow remote attackers to execute arbitrary code via unknown attack vectors.... Read more

    Affected Products : jp1_file_transmission_server
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3179

    Multiple unspecified vulnerabilities in Symantec Altiris Deployment Solution 6.9 might allow remote attackers to execute arbitrary code via unknown client-side attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 7.17, as ide... Read more

    Affected Products : altiris_deployment_solution
    • Published: Sep. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3102

    The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.... Read more

    Affected Products : zrm_for_my_sql
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3072

    Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.14 and 3.5.x before 3.5.3, Thunderbird before 2.0.0.24, and SeaMonkey before 1.1.19 allow remote attackers to cause a denial of service (memory corruption and applica... Read more

    Affected Products : firefox
    • Published: Sep. 10, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3103

    Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system cra... Read more

    Affected Products : windows_server_2008 windows_vista
    • Published: Sep. 08, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-3032

    Integer overflow in kvolefio.dll 8.5.0.8339 and 10.5.0.0 in the Autonomy KeyView Filter SDK, as used in IBM Lotus Notes 8.5, Symantec Mail Security for Microsoft Exchange 5.0.10 through 5.0.13, and other products, allows context-dependent attackers to exe... Read more

    • Published: Mar. 05, 2010
    • Modified: Apr. 11, 2025
Showing 20 of 293354 Results