Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2009-2505

    The Internet Authentication Service (IAS) in Microsoft Windows Vista SP2 and Server 2008 SP2 does not properly validate MS-CHAP v2 Protected Extensible Authentication Protocol (PEAP) authentication requests, which allows remote attackers to execute arbitr... Read more

    Affected Products : windows_server_2008 windows_vista
    • Published: Dec. 09, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2011-4369

    Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x thro... Read more

    • Published: Dec. 16, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2009-2468

    Integer overflow in Apple CoreGraphics, as used in Safari before 4.0.3, Mozilla Firefox before 3.0.12, and Mac OS X 10.4.11 and 10.5.8, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long ... Read more

    Affected Products : firefox
    • Published: Jul. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2462

    The browser engine in Mozilla Firefox before 3.0.12 and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to (1) the frame chain and synchronou... Read more

    Affected Products : firefox thunderbird
    • Published: Jul. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2464

    The nsXULTemplateQueryProcessorRDF::CheckIsSeparator function in Mozilla Firefox before 3.0.12, SeaMonkey 2.0a1pre, and Thunderbird allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrar... Read more

    Affected Products : firefox thunderbird seamonkey
    • Published: Jul. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2317

    The Axesstel MV 410R has a certain default administrator password, and does not force a password change, which makes it easier for remote attackers to obtain access.... Read more

    Affected Products : mv_410r
    • Published: Jul. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2300

    The management interface in the phion airlock Web Application Firewall (WAF) 4.1-10.41 does not properly handle CGI requests that specify large width and height parameters for an image, which allows remote attackers to execute arbitrary commands or cause ... Read more

    Affected Products : airlock_web_application_firewall
    • Published: Jul. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2227

    Stack-based buffer overflow in B Labs Bopup Communication Server 3.2.26.5460 allows remote attackers to execute arbitrary code via a crafted request to TCP port 19810.... Read more

    Affected Products : bopup_communication_server
    • Published: Jun. 26, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2271

    The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and has (2) a default password of admin for the admin account in the telnet interface; which makes it easier for remote attackers... Read more

    Affected Products : d100
    • Published: Jul. 01, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2296

    The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.... Read more

    Affected Products : solaris opensolaris
    • Published: Jul. 02, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2193

    Buffer overflow in the kernel in Apple Mac OS X 10.5 before 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via a crafted AppleTalk response packet.... Read more

    Affected Products : mac_os_x mac_os_x_server
    • Published: Aug. 06, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2204

    Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrate... Read more

    Affected Products : iphone_os
    • Published: Aug. 03, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2030

    Unspecified vulnerability in the XML Digital Signature verification functionality in JVA-RUN in JDK 6.0 in IBM OS/400 i5/OS V5R4M0 and V6R1M0 has unknown impact and attack vectors related to "XML SECURITY PATCH."... Read more

    Affected Products : jdk os\/400
    • Published: Jun. 11, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2038

    Unspecified vulnerability in the Finnish Bank Payment module 2.2 for osCommerce has unknown impact and attack vectors related to bank charges.... Read more

    Affected Products : oscommerce finnish_bank_payment
    • Published: Jun. 12, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-2039

    Unspecified vulnerability in the Luottokunta module before 1.3 for osCommerce has unknown impact and attack vectors related to orders.... Read more

    Affected Products : oscommerce luottokunta
    • Published: Jun. 12, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1916

    dig.php in GScripts.net DNS Tools allows remote attackers to execute arbitrary commands via shell metacharacters in the ns parameter.... Read more

    Affected Products : dns_tools
    • Published: Jun. 04, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1943

    Stack-based buffer overflow in the IKE service (ireIke.exe) in SafeNet SoftRemote before 10.8.6 allows remote attackers to execute arbitrary code via a long request to UDP port 62514.... Read more

    Affected Products : softremote softremote1.4
    • Published: Jun. 05, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1918

    Microsoft Internet Explorer 5.01 SP4 and 6 SP1; Internet Explorer 6 for Windows XP SP2 and SP3 and Server 2003 SP2; and Internet Explorer 7 and 8 for Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 do not pr... Read more

    • Published: Jul. 29, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1783

    Multiple FRISK Software F-Prot anti-virus products, including Antivirus for Exchange, Linux on IBM zSeries, Linux x86 File Servers, Linux x86 Mail Servers, Linux x86 Workstations, Solaris Mail Servers, Antivirus for Windows, and others, allow remote attac... Read more

    • Published: May. 22, 2009
    • Modified: Apr. 09, 2025

  • 10.0

    HIGH
    CVE-2009-1784

    The AVG parsing engine 8.5 323, as used in multiple AVG anti-virus products including Anti-Virus Network Edition, Internet Security Netzwerk Edition, Server Edition für Linux/FreeBSD, Anti-Virus SBS Edition, and others allows remote attackers to bypass ma... Read more

    Affected Products : avg_anti-virus
    • Published: May. 22, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 292803 Results