Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    CRITICAL
    CVE-2014-125116

    A remote code execution vulnerability exists in HybridAuth versions 2.0.9 through 2.2.2 due to insecure use of the install.php installation script. The script remains accessible after deployment and fails to sanitize input before writing to the applicatio... Read more

    Affected Products :
    • Published: Jul. 25, 2025
    • Modified: Jul. 29, 2025
    • Vuln Type: Misconfiguration

  • 9.3

    HIGH
    CVE-2022-24492

    Remote Procedure Call Runtime Remote Code Execution Vulnerability... Read more

    • EPSS Score: %2.48
    • Published: Apr. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-7189

    The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."... Read more

    Affected Products : edge
    • EPSS Score: %78.62
    • Published: Oct. 14, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1755

    The kernel in Apple iOS before 9.3, OS X before 10.11.4, tvOS before 9.2, and watchOS before 2.2 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerabili... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %3.45
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-4186

    Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.... Read more

    Affected Products : windows iprint
    • EPSS Score: %19.62
    • Published: Feb. 21, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-2945

    Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.0 through 14.0.5 and RealPlayer SP 1.0 through 1.1.5 allows remote attackers to execute arbitrary code via a crafted SIPR stream.... Read more

    Affected Products : realplayer realplayer_sp
    • EPSS Score: %7.04
    • Published: Aug. 18, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2010-4377

    Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code by specifying many subban... Read more

    • EPSS Score: %5.83
    • Published: Dec. 14, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2009-0238

    Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote att... Read more

    • EPSS Score: %58.07
    • Published: Feb. 25, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2007-6250

    Stack-based buffer overflow in AOL AOLMediaPlaybackControl (AOLMediaPlaybackControl.exe), as used by AmpX ActiveX control (AmpX.dll), might allow remote attackers to execute arbitrary code via the AppendFileToPlayList method.... Read more

    Affected Products : aolmediaplaybackcontrol ampx
    • EPSS Score: %68.90
    • Published: Jan. 09, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2006-3651

    Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693.... Read more

    Affected Products : office word
    • EPSS Score: %59.34
    • Published: Oct. 10, 2006
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2022-21917

    HEVC Video Extensions Remote Code Execution Vulnerability... Read more

    Affected Products : hevc_video_extensions
    • EPSS Score: %2.05
    • Published: Jan. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40727

    Access of Memory Location After End of Buffer (CWE-788... Read more

    Affected Products : macos windows indesign
    • EPSS Score: %0.41
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-6515

    Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    • EPSS Score: %3.07
    • Published: Jul. 22, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1226

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1225.... Read more

    Affected Products : office 365_apps excel
    • EPSS Score: %20.62
    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-7877

    Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the Action Message Format serialization (AFM0). Successful exploitation could lead to arbitrary code execution.... Read more

    • EPSS Score: %6.61
    • Published: Dec. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-4175

    Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • EPSS Score: %36.69
    • Published: Jul. 13, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6158

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability ... Read more

    Affected Products : edge internet_explorer
    • EPSS Score: %18.14
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-0091

    Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary... Read more

    • EPSS Score: %28.35
    • Published: Mar. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2014-1755

    Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-0235 ... Read more

    Affected Products : internet_explorer
    • EPSS Score: %22.76
    • Published: Apr. 08, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-5838

    Unspecified vulnerability in Oracle Java SE 7u25 and earlier, and Java SE Embedded 7u25 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.... Read more

    Affected Products : jdk jre
    • EPSS Score: %3.08
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025
Showing 20 of 292386 Results