Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2015-3621

    Untrusted search path vulnerability in SAP Enterprise Central Component (ECC) allows local users to gain privileges via a Trojan horse program.... Read more

    Affected Products : enterprise_central_component
    • EPSS Score: %0.42
    • Published: Jul. 16, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-7216

    Multiple stack-based buffer overflows in Yahoo! Messenger 11.5.0.228 and earlier allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the (1) shortcut or (2) title keys in an emoticons.xml file.... Read more

    Affected Products : messenger
    • EPSS Score: %5.59
    • Published: Sep. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3837

    The OpenSSLX509Certificate class in org/conscrypt/OpenSSLX509Certificate.java in Android before 5.1.1 LMY48I improperly includes certain context data during serialization and deserialization, which allows attackers to execute arbitrary code via an applica... Read more

    Affected Products : android
    • EPSS Score: %0.79
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3858

    The checkDestination function in internal/telephony/SMSDispatcher.java in Android before 5.1.1 LMY48M relies on an obsolete permission name for an authorization check, which allows attackers to bypass an intended user-confirmation requirement for SMS shor... Read more

    Affected Products : android
    • EPSS Score: %0.16
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3863

    Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and read arbitrary Keystore keys via an application that uses a crafted blob in an insert operation,... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Oct. 01, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-3876

    libstagefright in Android through 5.1.1 LMY48M allows remote attackers to execute arbitrary code via crafted metadata in a (1) MP3 or (2) MP4 file.... Read more

    Affected Products : android
    • EPSS Score: %4.56
    • Published: Oct. 02, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6606

    The Secure Element Evaluation Kit (aka SEEK or SmartCard API) plugin in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 2230178... Read more

    Affected Products : android
    • EPSS Score: %0.89
    • Published: Oct. 06, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-7361

    FortiOS 5.2.3, when configured to use High Availability (HA) and the dedicated management interface is enabled, does not require authentication for access to the ZebOS shell on the HA dedicated management interface, which allows remote attackers to obtain... Read more

    Affected Products : fortios
    • EPSS Score: %0.74
    • Published: Oct. 15, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6612

    libmedia in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to gain privileges via a crafted application, aka internal bug 23540426.... Read more

    Affected Products : android
    • EPSS Score: %7.72
    • Published: Nov. 03, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    CRITICAL
    CVE-2018-3971

    An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in m... Read more

    Affected Products : hitmanpro.alert
    • EPSS Score: %0.06
    • Published: Oct. 25, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9531

    In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Pro... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Nov. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9549

    In lppTransposer of lpp_tran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. V... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9573

    In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitatio... Read more

    Affected Products : android
    • EPSS Score: %0.18
    • Published: Dec. 07, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9575

    In impd_parse_dwnmix_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exp... Read more

    Affected Products : android
    • EPSS Score: %0.18
    • Published: Dec. 07, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-18600

    The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter.... Read more

    • EPSS Score: %1.67
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 9.3

    CRITICAL
    CVE-2018-11284

    Spoofed SMS can be used to send a large number of messages to the device which will in turn initiate a flood of registration updates with the server in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 6... Read more

    • EPSS Score: %0.26
    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1638

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected softwa... Read more

    • EPSS Score: %0.30
    • Published: Jan. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1640

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected softwa... Read more

    • EPSS Score: %0.30
    • Published: Jan. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-6271

    NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-801984... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Feb. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1991

    In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.... Read more

    Affected Products : android
    • EPSS Score: %1.00
    • Published: Feb. 28, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291564 Results