Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2018-3971

    An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in m... Read more

    Affected Products : hitmanpro.alert
    • EPSS Score: %0.06
    • Published: Oct. 25, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9531

    In AudioSpecificConfig_Parse of tpdec_asc.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Pro... Read more

    Affected Products : android
    • EPSS Score: %0.21
    • Published: Nov. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9549

    In lppTransposer of lpp_tran.cpp there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. V... Read more

    Affected Products : android
    • EPSS Score: %0.25
    • Published: Dec. 06, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9573

    In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitatio... Read more

    Affected Products : android
    • EPSS Score: %0.18
    • Published: Dec. 07, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-9575

    In impd_parse_dwnmix_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exp... Read more

    Affected Products : android
    • EPSS Score: %0.18
    • Published: Dec. 07, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-18600

    The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter.... Read more

    • EPSS Score: %1.67
    • Published: Dec. 31, 2018
    • Modified: May. 06, 2025

  • 9.3

    CRITICAL
    CVE-2018-11284

    Spoofed SMS can be used to send a large number of messages to the device which will in turn initiate a flood of registration updates with the server in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 6... Read more

    • EPSS Score: %0.26
    • Published: Jan. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1638

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected softwa... Read more

    • EPSS Score: %0.30
    • Published: Jan. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1640

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected softwa... Read more

    • EPSS Score: %0.30
    • Published: Jan. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-6271

    NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-801984... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Feb. 13, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1991

    In btif_dm_data_copy of btif_core.cc, there is a possible out of bounds write due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android.... Read more

    Affected Products : android
    • EPSS Score: %1.00
    • Published: Feb. 28, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-1007

    A specially crafted configuration file could be used to cause a stack-based buffer overflow condition in the OPCTest.exe, which may allow remote code execution on Opto 22 PAC Project Professional versions prior to R9.4008, PAC Project Basic versions prior... Read more

    • EPSS Score: %0.54
    • Published: Mar. 25, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1010260

    Using ktlint to download and execute custom rulesets can result in arbitrary code execution as the served jars can be compromised by a MITM. This attack is exploitable via Man in the Middle of the HTTP connection to the artifact servers. This vulnerabilit... Read more

    Affected Products : ktlint
    • EPSS Score: %0.22
    • Published: Apr. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2018-3974

    An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability a... Read more

    Affected Products : galaxy
    • EPSS Score: %0.11
    • Published: Apr. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2018-4049

    An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of installed games to exploit this vulnerab... Read more

    Affected Products : galaxy
    • EPSS Score: %0.08
    • Published: Apr. 02, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-10673

    A CSRF vulnerability in a logged-in user's profile edit form in the Ultimate Member plugin before 2.0.40 for WordPress allows attackers to become admin and subsequently extract sensitive information and execute arbitrary code. This occurs because the atta... Read more

    Affected Products : ultimate_member
    • EPSS Score: %0.43
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-17023

    The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the soft... Read more

    • EPSS Score: %0.08
    • Published: Apr. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2018-4008

    An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the RunVpncScript command. The command takes a user-supplied script argument and executes it under root context. A user with local access can use this vuln... Read more

    Affected Products : shimo_vpn
    • EPSS Score: %0.11
    • Published: Apr. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-2027

    In floor0_inverse1 of floor0.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Androi... Read more

    Affected Products : android
    • EPSS Score: %0.34
    • Published: Apr. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-11416

    A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user.... Read more

    Affected Products : iwr_3000n_firmware iwr_3000n
    • EPSS Score: %1.89
    • Published: Apr. 22, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291773 Results