Latest CVE Feed

The following is a list of the latest published vulnerabilities. You can filter the list by severity, by whether a vulnerability is actively exploited (that is, on the CISA KEV list), or by whether it is remotely exploitable. You can also sort the list by published date, last updated date, or CVSS score.
  • 10.0

    HIGH
    CVE-2009-1314

    body.asp in Web File Explorer 3.1 allows remote attackers to create arbitrary files and execute arbitrary code via the savefile action with a file parameter containing a filename that has an executable extension....

    Affected Products : web_file_explorer
    • Published: Apr. 17, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1167

    Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM)...

    • Published: Jul. 29, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1177

    Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors....

    Affected Products : mapserver mapserver
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1236

    Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a...

    Affected Products : mac_os_x mac_os_x_server
    • Published: Apr. 02, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1161

    Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Mana...

    • Published: May. 21, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1216

    Multiple unspecified vulnerabilities in (1) unlzh.c and (2) unpack.c in the gzip libraries in Microsoft Windows Server 2008, Windows Services for UNIX 3.0 and 3.5, and the Subsystem for UNIX-based Applications (SUA); as used in gunzip, gzip, pack, pcat, a...

    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1120

    EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_sr...

    Affected Products : emc_replistor
    • Published: Jan. 15, 2020
    • Modified: Nov. 21, 2024
  • 10.0

    HIGH
    CVE-2009-1174

    The Web Services Security component in IBM WebSphere Application Server (WAS) 6.0.2 before 6.0.2.35 and 7.0 before 7.0.0.3 has an unspecified "security problem" in the XML digital-signature specification, which has unknown impact and attack vectors....

    Affected Products : websphere_application_server
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1057

    MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file that triggers memory corruption, related to a "format string buffer overflow." NOTE: CVE has not investigated whether the specified file.zip fi...

    Affected Products : zipitfast\!
    • Published: Mar. 24, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1176

    mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact v...

    Affected Products : mapserver mapserver
    • Published: Mar. 31, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1048

    The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make ar...

    • Published: Aug. 14, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1058

    Stack-based buffer overflow in ZipGenius might allow remote attackers to execute arbitrary code via a crafted .zip file that triggers an SEH overwrite. NOTE: it is possible that this overlaps CVE-2005-3317. NOTE: CVE has not investigated whether the spec...

    Affected Products : zipgenius
    • Published: Mar. 24, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-0939

    Tor before 0.2.0.34 treats incomplete IPv4 addresses as valid, which has unknown impact and attack vectors related to "Spec conformance," as demonstrated using 192.168.0....

    Affected Products : tor tor
    • Published: Mar. 18, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-0921

    Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.d...

    • Published: Mar. 25, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-1043

    Unspecified vulnerability in Microsoft Internet Explorer 8 on Windows 7 allows remote attackers to execute arbitrary code via unknown vectors triggered by clicking on a link, as demonstrated by Nils during a PWN2OWN competition at CanSecWest 2009....

    Affected Products : windows_7 internet_explorer
    • Published: Mar. 23, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-0869

    Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0.0 through 5.5.1.4 on Windows allows remote attackers to cause a denial of service (application crash) or possibly execute arb...

    • Published: Mar. 10, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-0898

    Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted HTTP request....

    Affected Products : openview_network_node_manager
    • Published: Dec. 10, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-0894

    Heap-based buffer overflow in the decoder_create function in the initialization functionality in xvidcore/src/decoder.c in Xvid before 1.2.2, as used by Windows Media Player and other applications, allows remote attackers to execute arbitrary code via vec...

    Affected Products : xvid
    • Published: Jun. 02, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-0836

    Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspe...

    Affected Products : reader
    • Published: Mar. 10, 2009
    • Modified: Apr. 09, 2025
  • 10.0

    HIGH
    CVE-2009-0895

    Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow....

    Affected Products : edirectory
    • Published: Dec. 03, 2009
    • Modified: Apr. 09, 2025
Showing 20 of 293298 Results