Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

9.8

CRITICAL

CVE-2019-3681

A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSU...

Affected Products : leap linux_enterprise_server linux_enterprise_software_development_kit osc factory
EPSS Score: %1.62

Published: Jun. 29, 2020

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-18501

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run ar...

Affected Products : firefox firefox_esr thunderbird ubuntu_linux debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_eus
EPSS Score: %2.59

Published: Feb. 05, 2019

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-38187

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a *u8 to a *u64....

Affected Products : anymap
EPSS Score: %0.36

Published: Aug. 08, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2019-3888

A vulnerability was found in Undertow web server before 2.0.21. An information exposure of plain text credentials through log files because Connectors.executeRootHandler:402 logs the HttpServerExchange object at ERROR level using UndertowLogger.REQUEST_LO...

Affected Products : enterprise_linux active_iq_unified_manager virtualization virtualization_host jboss_data_grid undertow openshift_application_runtimes
EPSS Score: %0.57

Published: Jun. 12, 2019

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2016-7938

The ZeroMQ parser in tcpdump before 4.9.0 has an integer overflow in print-zeromq.c:zmtp1_print_frame()....

Affected Products : tcpdump
EPSS Score: %0.72

Published: Jan. 28, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2018-18311

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations....

Affected Products : ubuntu_linux enterprise_linux fedora debian_linux enterprise_linux_desktop enterprise_linux_server enterprise_linux_workstation enterprise_linux_server_aus enterprise_linux_server_tus openshift_container_platform +8 more products
EPSS Score: %4.13

Published: Dec. 07, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2022-31686

VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application...

Affected Products : workspace_one_assist
EPSS Score: %0.54

Published: Nov. 09, 2022

Modified: May. 01, 2025
9.8

CRITICAL

CVE-2021-2029

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network ac...

Affected Products : e-business_suite scripting
EPSS Score: %1.90

Published: Jan. 20, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2021-2047

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker...

Affected Products : weblogic_server
EPSS Score: %26.76

Published: Jan. 20, 2021

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2017-6403

An issue was discovered in Veritas NetBackup Before 8.0 and NetBackup Appliance Before 3.0. NetBackup Cloud Storage Service uses a hardcoded username and password....

Affected Products : netbackup_appliance netbackup
EPSS Score: %2.46

Published: Mar. 02, 2017

Modified: Apr. 20, 2025
9.8

CRITICAL

CVE-2022-42842

The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. A remote user may be able to cause kernel code execution....

Affected Products : macos iphone_os tvos watchos ipados
EPSS Score: %2.08

Published: Dec. 15, 2022

Modified: Apr. 21, 2025
9.8

CRITICAL

CVE-2020-25020

MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components....

Affected Products : primavera_unifier mpxj comos
EPSS Score: %2.20

Published: Aug. 29, 2020

Modified: May. 05, 2025
9.8

CRITICAL

CVE-2022-4337

An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch....

Affected Products : debian_linux openvswitch
EPSS Score: %0.38

Published: Jan. 10, 2023

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2023-34362

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated a...

Affected Products : moveit_transfer moveit_cloud
Actively Exploited

EPSS Score: %94.31

Published: Jun. 02, 2023

Modified: Dec. 20, 2024
9.8

CRITICAL

CVE-2022-45138

The configuration backend of the web-based management can be used by unauthenticated users, although only authenticated users should be able to use the API. The vulnerability allows an unauthenticated attacker to read and set several device parameters tha...

Affected Products : touch_panel_600_standard_firmware touch_panel_600_advanced_firmware touch_panel_600_marine_firmware pfc100_firmware pfc200_firmware 751-9301_firmware 752-8303\/8000-002_firmware pfc100 pfc200 touch_panel_600_advanced +4 more products
EPSS Score: %0.21

Published: Feb. 27, 2023

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2018-20019

LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution...

Affected Products : ubuntu_linux debian_linux libvncserver simatic_itc1500_firmware simatic_itc1500_pro_firmware simatic_itc1900_firmware simatic_itc1900_pro_firmware simatic_itc2200_firmware simatic_itc2200_pro_firmware simatic_itc1500 +5 more products
EPSS Score: %17.31

Published: Dec. 19, 2018

Modified: Nov. 21, 2024
9.8

CRITICAL

CVE-2022-46393

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_C...

Affected Products : fedora mbed_tls
EPSS Score: %0.64

Published: Dec. 15, 2022

Modified: Apr. 21, 2025
9.8

CRITICAL

CVE-2022-47629

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser....

Affected Products : debian_linux libksba
EPSS Score: %1.84

Published: Dec. 20, 2022

Modified: Apr. 16, 2025
9.8

CRITICAL

CVE-2022-47939

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. fs/ksmbd/smb2pdu.c has a use-after-free and OOPS for SMB2_TREE_DISCONNECT....

Affected Products : linux_kernel
EPSS Score: %0.91

Published: Dec. 23, 2022

Modified: Apr. 14, 2025
9.8

CRITICAL

CVE-2023-1698

In multiple products of WAGO a vulnerability allows an unauthenticated, remote attacker to create new users and change the device configuration which can result in unintended behaviour, Denial of Service and full system compromise....

Affected Products : touch_panel_600_standard_firmware touch_panel_600_advanced_firmware touch_panel_600_marine_firmware pfc100_firmware pfc200_firmware edge_controller_firmware compact_controller_100_firmware compact_controller_100 edge_controller pfc100 +4 more products
EPSS Score: %93.76

Published: May. 15, 2023

Modified: Nov. 21, 2024

Showing 20 of 292238 Results

1
...
1496
1497
1498
1499
1500
1501
1502
...
14612

Browse by Apps

Latest CVE Feed

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

9.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable