Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2019-2186

    In GetMBheader of combined_decode.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: And... Read more

    Affected Products : android
    • EPSS Score: %0.37
    • Published: Oct. 11, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-8938

    The MSM camera driver in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate input parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28804030 and Qualcomm intern... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Aug. 06, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-8995

    In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: May. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-6949

    Stack-based buffer overflow in the ASUS TM-AC1900 router allows remote attackers to execute arbitrary code via crafted HTTP header values.... Read more

    Affected Products : tm-1900
    • EPSS Score: %6.02
    • Published: Sep. 15, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-0501

    Stack-based buffer overflow in Music Animation Machine MIDI Player 2006aug19 Release 035 and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long line in a .mamx file.... Read more

    • EPSS Score: %8.92
    • Published: Jan. 20, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-4343

    IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to ... Read more

    Affected Products : windows i2_analysts_notebook
    • EPSS Score: %1.95
    • Published: May. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-5631

    The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerability in the 'prunsrv.exe' component of the product. If exploited, a local user of the system (who must already be authenticated to the operating system) can elevate their privileges wit... Read more

    Affected Products : insightappsec
    • EPSS Score: %0.11
    • Published: Aug. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-14327

    The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" ... Read more

    • EPSS Score: %1.00
    • Published: Sep. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-3894

    Stack-based buffer overflow in the Java_com_ibm_es_oss_CryptionNative_ESEncrypt function in /opt/IBM/es/lib/libffq.cryptionjni.so in the login form in the administration interface in IBM OmniFind Enterprise Edition before 8.5 FP6 allows remote attackers t... Read more

    Affected Products : omnifind
    • EPSS Score: %13.04
    • Published: Nov. 12, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5578

    Buffer overflow in the ToDot method in the WINGRAPHVIZLib.NEATO ActiveX control in WinGraphviz.dll in StarUML allows remote attackers to execute arbitrary code via a long argument.... Read more

    Affected Products : staruml
    • EPSS Score: %34.02
    • Published: Aug. 25, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-14026

    CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export.... Read more

    Affected Products : ozeki_ng_sms_gateway
    • EPSS Score: %1.03
    • Published: Sep. 22, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-1179

    Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a large integer in the numcolors attribute of a recolorinfo element in a VML file, possibly a re... Read more

    Affected Products : iphone_os safari
    • EPSS Score: %3.98
    • Published: Mar. 29, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2016-6182

    The Camera driver in Huawei Honor 4C smartphones with software CHM-UL00C00 before CHM-UL00C00B564, CHM-TL00C01 before CHM-TL00C01B564, and CHM-TL00C00 before CHM-TL00HC00B564 allows attackers to cause a denial of service (system crash) or gain privileges ... Read more

    Affected Products : honor_4c_firmware honor_4c
    • EPSS Score: %0.10
    • Published: Sep. 07, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-0827

    Multiple integer overflows in libeffects in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allow attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSyst... Read more

    Affected Products : android
    • EPSS Score: %0.07
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-0858

    Race condition in Advantech WebAccess before 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted request.... Read more

    Affected Products : webaccess advantech_webaccess
    • EPSS Score: %1.15
    • Published: Jan. 15, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-0302

    In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Produ... Read more

    Affected Products : android
    • EPSS Score: %0.06
    • Published: Feb. 10, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2018-2623

    Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported version that is affected is Prior to 8.7.13. Easily exploitable vulnerability allows unauthenticated attac... Read more

    • EPSS Score: %1.74
    • Published: Jan. 18, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43664

    totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component process forceugpo.... Read more

    Affected Products : ex300_v2_firmware ex300_v2
    • EPSS Score: %4.44
    • Published: Mar. 30, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1926

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected sof... Read more

    • EPSS Score: %0.30
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1928

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist because the affected sof... Read more

    • EPSS Score: %0.30
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291783 Results