Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2013-1319

    Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."... Read more

    Affected Products : publisher
    • EPSS Score: %61.37
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1318

    Microsoft Publisher 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Publisher file that triggers access to an invalid pointer, aka "Publisher Corrupt Interface Pointer Vulnerability."... Read more

    Affected Products : publisher
    • EPSS Score: %61.37
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1091

    Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : iprint
    • EPSS Score: %14.04
    • Published: May. 02, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-1083

    Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and attack vectors.... Read more

    • EPSS Score: %0.28
    • Published: Mar. 29, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2011-0476

    Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allow remote attackers to cause a denial of service (stack memory corruption) or possibly have unspecified other impact via a PDF document that triggers an out-of-memory error.... Read more

    Affected Products : chrome chrome_os
    • EPSS Score: %2.62
    • Published: Jan. 14, 2011
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0842

    Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors.... Read more

    Affected Products : chrome
    • EPSS Score: %0.34
    • Published: Jan. 24, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0804

    The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.... Read more

    Affected Products : groupwise
    • EPSS Score: %38.38
    • Published: Feb. 24, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0714

    IPSSH (aka the SSH server) in Wind River VxWorks 6.5 through 6.9 allows remote attackers to execute arbitrary code or cause a denial of service (daemon hang) via a crafted public-key authentication request.... Read more

    Affected Products : vxworks
    • EPSS Score: %9.32
    • Published: Mar. 20, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0636

    Stack-based buffer overflow in Adobe Shockwave Player before 12.0.0.112 allows attackers to execute arbitrary code via unspecified vectors.... Read more

    Affected Products : shockwave_player
    • EPSS Score: %30.76
    • Published: Feb. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0230

    Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.... Read more

    Affected Products : miniupnpd
    • EPSS Score: %80.14
    • Published: Jan. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2013-0073

    The Windows Forms (aka WinForms) component in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 does not properly restrict the privileges of a callback function during object creation, which allows remote attackers to execute arbitrary code via (1)... Read more

    • EPSS Score: %53.18
    • Published: Feb. 13, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6603

    The web management UI in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to bypass authentication and obtain administrator privileges via unspecified vectors, aka Ref ID 37034.... Read more

    Affected Products : pan-os
    • EPSS Score: %1.69
    • Published: Aug. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6601

    The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x before 4.1.4 allows remote attackers to execute arbitrary code via unspecified vectors, aka Ref ID 36983.... Read more

    Affected Products : pan-os
    • EPSS Score: %8.42
    • Published: Aug. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6593

    Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.4 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 30088.... Read more

    Affected Products : pan-os
    • EPSS Score: %3.36
    • Published: Aug. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6592

    Palo Alto Networks PAN-OS before 3.1.10 and 4.0.x before 4.0.5 allows remote attackers to execute arbitrary commands via unspecified vectors, aka Ref ID 31091.... Read more

    Affected Products : pan-os
    • EPSS Score: %3.36
    • Published: Aug. 31, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-6429

    Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.... Read more

    Affected Products : kies
    • EPSS Score: %56.95
    • Published: Apr. 04, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2012-6067

    freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c.... Read more

    Affected Products : freeftpd
    • EPSS Score: %2.49
    • Published: Dec. 04, 2012
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5209

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1659.... Read more

    • EPSS Score: %28.74
    • Published: Mar. 09, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-5201

    Unspecified vulnerability in HP Intelligent Management Center (iMC) and Intelligent Management Center for Automated Network Manager (ANM) before 5.2 E0401 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1611.... Read more

    • EPSS Score: %74.88
    • Published: Mar. 09, 2013
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2012-4876

    Stack-based buffer overflow in the UltraMJCam ActiveX Control in TRENDnet SecurView TV-IP121WN Wireless Internet Camera allows remote attackers to execute arbitrary code via a long string to the OpenFileDlg method.... Read more

    • EPSS Score: %73.07
    • Published: Sep. 06, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 291513 Results