Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2022-30662

    Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interacti... Read more

    Affected Products : macos windows indesign
    • EPSS Score: %2.96
    • Published: Jun. 16, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-34081

    OS Command Injection vulnerability in bbultman gitsome through 0.2.3 allows attackers to execute arbitrary commands via a crafted tag name of the target git repository.... Read more

    Affected Products : gitsome
    • EPSS Score: %6.24
    • Published: Jun. 02, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-28233

    Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability in the processing of annotations that could result in arbitrary code execution in the context o... Read more

    • EPSS Score: %3.06
    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-28243

    Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memo... Read more

    • EPSS Score: %0.93
    • Published: May. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-24096

    Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user... Read more

    Affected Products : macos windows after_effects
    • EPSS Score: %0.92
    • Published: Mar. 11, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-33740

    Windows Media Remote Code Execution Vulnerability... Read more

    • EPSS Score: %1.30
    • Published: Jul. 14, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-51818

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Fancy Product Designer. This issue affects Fancy Product Designer: from n/a through 6.4.3.... Read more

    Affected Products : fancy_product_designer
    • Published: Jan. 21, 2025
    • Modified: Jan. 21, 2025
    • Vuln Type: Injection

  • 9.3

    CRITICAL
    CVE-2022-1650

    Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository eventsource/eventsource prior to v2.0.2. ... Read more

    Affected Products : debian_linux eventsource
    • EPSS Score: %2.66
    • Published: May. 12, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-51757

    happy-dom is a JavaScript implementation of a web browser without its graphical user interface. Versions of happy-dom prior to 15.10.2 may execute code on the host via a script tag. This would execute code in the user context of happy-dom. Users are advis... Read more

    Affected Products :
    • Published: Nov. 06, 2024
    • Modified: Nov. 08, 2024

  • 9.3

    HIGH
    CVE-2021-44709

    Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a heap overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in ... Read more

    • EPSS Score: %3.48
    • Published: Jan. 14, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-43011

    Adobe Prelude version 10.1 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue re... Read more

    Affected Products : prelude windows
    • EPSS Score: %3.06
    • Published: Nov. 16, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-51615

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through 3.7.... Read more

    Affected Products : wordpress_auction
    • Published: Dec. 06, 2024
    • Modified: Dec. 06, 2024

  • 9.3

    HIGH
    CVE-2021-42531

    XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must ope... Read more

    • EPSS Score: %1.49
    • Published: May. 02, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-42298

    Microsoft Defender Remote Code Execution Vulnerability... Read more

    Affected Products : malware_protection_engine
    • EPSS Score: %1.07
    • Published: Nov. 10, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2021-32989

    When a non-existent resource is requested, the LCDS LAquis SCADA application (version 4.3.1.1011 and prior) returns error messages which may allow reflected cross-site scripting.... Read more

    Affected Products : laquis_scada
    • EPSS Score: %0.20
    • Published: May. 25, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-51561

    This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting and manipulating the responses exchanged during the se... Read more

    Affected Products : aero wave_2.0
    • Published: Nov. 04, 2024
    • Modified: Nov. 06, 2024

  • 9.3

    HIGH
    CVE-2021-39847

    XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open... Read more

    • EPSS Score: %0.51
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-32826

    Proxyee-Down is open source proxy software. An attacker being able to provide an extension script (eg: through a MiTM attack or by hosting a malicious extension) may be able to run arbitrary commands on the system running Proxyee-Down. For more details in... Read more

    Affected Products : proxyee-down
    • EPSS Score: %0.24
    • Published: Aug. 16, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-3624

    There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system.... Read more

    Affected Products : debian_linux dcraw
    • EPSS Score: %0.28
    • Published: Apr. 18, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-36065

    Adobe Photoshop versions 21.2.10 (and earlier) and 22.4.3 (and earlier) are affected by a heap-based buffer overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user i... Read more

    Affected Products : macos windows photoshop
    • EPSS Score: %5.69
    • Published: Sep. 01, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 292725 Results