Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2019-8722

    Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. This issue is fixed in Xcode 11.0. Compiling code without proper input validation could lead to arbitrary code execution with user privilege.... Read more

    Affected Products : xcode
    • EPSS Score: %0.60
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2020-8028

    A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local ... Read more

    Affected Products : manager_server salt-netapi-client
    • EPSS Score: %0.03
    • Published: Sep. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-15528

    An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks.... Read more

    Affected Products : galaxy
    • EPSS Score: %0.10
    • Published: Jul. 05, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-13404

    The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27 directory, which makes it easier for local users to deploy Trojan horse code. (This also affects old 3.x releases before 3.5.) NOTE: the vendor's position is that it is the... Read more

    Affected Products : python windows
    • EPSS Score: %0.12
    • Published: Jul. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-15415

    A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected softwa... Read more

    • EPSS Score: %0.23
    • Published: Oct. 05, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-20791

    Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker to bypass access restriction and to exchange unauthorized files between the local environment and the isolated environment or settings of the web browser via... Read more

    Affected Products : revoworks_browser
    • EPSS Score: %0.31
    • Published: Sep. 17, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-15476

    An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The SSL/TLS server certifi... Read more

    • EPSS Score: %0.14
    • Published: Aug. 30, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-6564

    Android devices with code from Ragentek contain a privileged binary that performs over-the-air (OTA) update checks. Additionally, there are multiple techniques used to hide the execution of this binary. This behavior could be described as a rootkit. This ... Read more

    • EPSS Score: %0.43
    • Published: Jul. 13, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-21965

    A denial of service vulnerability exists in the SeaMax remote configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigge... Read more

    • EPSS Score: %0.44
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-6742

    An elevation of privilege vulnerability in the Synaptics touchscreen driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first re... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Nov. 25, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-30354

    Amazon Kindle e-reader prior to and including version 5.13.4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function CJBig2Image::expand() and results in a memory corruption that leads to code execution when parsing a crafted P... Read more

    Affected Products : kindle_firmware kindle
    • EPSS Score: %0.88
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2018-3990

    An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and... Read more

    Affected Products : windows wibukey
    • EPSS Score: %0.12
    • Published: Feb. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2020-11210

    Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking... Read more

    • EPSS Score: %0.04
    • Published: Apr. 07, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-17106

    HEVC Video Extensions Remote Code Execution Vulnerability... Read more

    Affected Products : hevc_video_extensions
    • EPSS Score: %8.06
    • Published: Nov. 11, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-1585

    A vulnerability in the Cisco Adaptive Security Device Manager (ASDM) Launcher could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system. This vulnerability is due to a lack of proper signature verification for ... Read more

    • EPSS Score: %41.47
    • Published: Jul. 08, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-22727

    A CWE-20: Improper Input Validation vulnerability exists that could allow an unauthenticated attacker to view data, change settings, impact availability of the software, or potentially impact a user�s local machine when the user clicks a specially crafted... Read more

    • EPSS Score: %0.84
    • Published: Feb. 04, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-30317

    Improper validation of program headers containing ELF metadata can lead to image verification bypass in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industr... Read more

    • EPSS Score: %0.04
    • Published: Feb. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-35122

    Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearabl... Read more

    • EPSS Score: %0.05
    • Published: Sep. 02, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-23677

    A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.... Read more

    • EPSS Score: %6.49
    • Published: May. 10, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-37583

    MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds write).... Read more

    • EPSS Score: %0.60
    • Published: Dec. 26, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292508 Results