Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2013-3743

    Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.... Read more

    Affected Products : jdk jre jre jdk
    • EPSS Score: %7.30
    • Published: Jun. 18, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-40702

    Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious psd file, potentially resulting in arbitrary code execution in the context of the current user. User intera... Read more

    Affected Products : macos windows premiere_elements
    • EPSS Score: %3.83
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-1335

    Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different v... Read more

    Affected Products : webex_recording_format_player
    • EPSS Score: %7.78
    • Published: Apr. 05, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-5805

    Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013... Read more

    Affected Products : jdk jre
    • EPSS Score: %1.38
    • Published: Oct. 16, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-9748

    Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .fla file ... Read more

    Affected Products : windows animate
    • EPSS Score: %1.09
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2007-3738

    Multiple unspecified vulnerabilities in Mozilla Firefox before 2.0.0.5 allow remote attackers to execute arbitrary code via a crafted XPCNativeWrapper.... Read more

    Affected Products : firefox
    • EPSS Score: %11.99
    • Published: Jul. 18, 2007
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2016-0960

    Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allow attackers... Read more

    • EPSS Score: %8.78
    • Published: Mar. 12, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-40397

    A privilege escalation vulnerability exists in the installation of Advantech WISE-PaaS/OTA Server 3.0.9. A specially-crafted file can be replaced in the system to escalate privileges to NT SYSTEM authority. An attacker can provide a malicious file to trig... Read more

    Affected Products : wise-paas\/ota
    • EPSS Score: %0.12
    • Published: Jan. 28, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-40402

    An out-of-bounds read vulnerability exists in the RS-274X aperture macro multiple outline primitives functionality of Gerbv 2.7.0 and dev (commit b5f1eacd), and Gerbv forked 2.7.1 and 2.8.0. A specially-crafted Gerber file can lead to information disclosu... Read more

    Affected Products : gerbv
    • EPSS Score: %0.34
    • Published: Apr. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-40348

    Spacewalk 2.10, and derivatives such as Uyuni 2021.08, allows code injection. rhn-config-satellite.pl doesn't sanitize the configuration filename used to append Spacewalk-specific key-value pair. The script is intended to be run by the tomcat user account... Read more

    Affected Products : uyuni spacewalk
    • EPSS Score: %0.45
    • Published: Nov. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-3973

    vim is vulnerable to Heap-based Buffer Overflow... Read more

    Affected Products : fedora debian_linux vim
    • EPSS Score: %0.19
    • Published: Nov. 19, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4337

    A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.... Read more

    Affected Products : mac_os_x iphone_os tvos watchos
    • EPSS Score: %0.18
    • Published: Apr. 03, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-16405

    An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation th... Read more

    • EPSS Score: %8.68
    • Published: Dec. 09, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2015-0027

    Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-20... Read more

    Affected Products : internet_explorer
    • EPSS Score: %24.07
    • Published: Feb. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-3057

    A stack-based buffer overflow vulnerability exists in the Palo Alto Networks GlobalProtect app that enables a man-in-the-middle attacker to disrupt system processes and potentially execute arbitrary code with SYSTEM privileges. This issue impacts: GlobalP... Read more

    Affected Products : globalprotect
    • EPSS Score: %0.70
    • Published: Oct. 13, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39817

    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is require... Read more

    Affected Products : windows bridge
    • EPSS Score: %0.79
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39824

    Adobe Premiere Elements version 2021.2235820 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious png file, potentially resulting in arbitrary code execution in the context of the current user. User intera... Read more

    Affected Products : macos windows premiere_elements
    • EPSS Score: %3.83
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39787

    In SystemUI, there is a possible arbitrary Activity launch due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: And... Read more

    Affected Products : android
    • EPSS Score: %0.04
    • Published: Mar. 30, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39816

    Adobe Bridge version 11.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious Bridge file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is require... Read more

    Affected Products : windows bridge
    • EPSS Score: %0.79
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39702

    In onCreate of RequestManageCredentials.java, there is a possible way for a third party app to install certificates without user approval due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges n... Read more

    Affected Products : android
    • EPSS Score: %0.02
    • Published: Mar. 16, 2022
    • Modified: Nov. 21, 2024
Showing 20 of 292495 Results