Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2019-7993

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7833

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more

    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7304

    Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an attacker to run arbitrary commands as root. This issue affects: Canonical snapd versions prior to 2.37.1.... Read more

    Affected Products : ubuntu_linux snapd
    • Published: Apr. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7119

    Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code ex... Read more

    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7083

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-5319

    A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba... Read more

    • Published: Mar. 30, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-4087

    IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulnerable to a stack-based buffer overflow, caused by improper bounds checking by servers and storage agents in response to specifically crafted communication exchanges. By sending an overly... Read more

    • Published: Jul. 02, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-31474

    This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Network Performance Monitor 2020.2.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SolarWinds... Read more

    Affected Products : network_performance_monitor
    • Published: May. 21, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-31316

    The unprivileged user portal part of CentOS Web Panel is affected by a SQL Injection via the 'idsession' HTTP POST parameter.... Read more

    Affected Products : webpanel
    • Published: May. 18, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-14896

    A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote attacker could cause a denial of service (system crash) or, possibly execute arbitrary code, when the lbs_ibss_join_exis... Read more

    • Published: Nov. 27, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-1181

    A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authen... Read more

    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2019-11510

    In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability .... Read more

    Affected Products : pulse_connect_secure connect_secure
    • Actively Exploited
    • Published: May. 08, 2019
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2018-8302

    A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.... Read more

    Affected Products : exchange_server
    • Published: Aug. 15, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-7084

    A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files,... Read more

    • Published: May. 10, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2018-4872

    An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is a security bypass vulnerability that leads to a sandbox escape. Specifical... Read more

    • Published: Feb. 27, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-15961

    Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : coldfusion
    • Actively Exploited
    • Published: Sep. 25, 2018
    • Modified: Feb. 13, 2025

  • 10.0

    HIGH
    CVE-2021-30805

    A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. An application may be able to execute arbitrary code with kernel privile... Read more

    Affected Products : macos mac_os_x
    • Published: Sep. 08, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-14933

    upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command.... Read more

    Affected Products : nvrmini_firmware nvrmini_2 nvrmini
    • Actively Exploited
    • Published: Aug. 04, 2018
    • Modified: Feb. 06, 2025

  • 10.0

    HIGH
    CVE-2018-14643

    An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context... Read more

    Affected Products : foreman
    • Published: Sep. 21, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2018-12756

    Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user... Read more

    • Published: Jul. 20, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293436 Results