Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2020-9789

    An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Pr... Read more

    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9747

    Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user. This vulnerability requires user interaction to exploi... Read more

    Affected Products : windows animate
    • Published: Oct. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9570

    Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .... Read more

    Affected Products : windows illustrator
    • Published: Jun. 26, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-9563

    Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : windows bridge
    • Published: Jun. 26, 2020
    • Modified: May. 05, 2025

  • 9.3

    CRITICAL
    CVE-2020-8933

    A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can at... Read more

    Affected Products : leap guest-oslogin
    • Published: Jun. 22, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-6524

    Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.... Read more

    • Published: Jul. 22, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-21062

    Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Memory corruption vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could ... Read more

    • Published: Feb. 11, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-3853

    A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. A malicious application may be able to execute arbitrary code with system privileg... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-29367

    blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.... Read more

    Affected Products : c-blosc2 c-blosc2
    • Published: Nov. 27, 2020
    • Modified: Apr. 25, 2025

  • 9.3

    HIGH
    CVE-2020-26970

    When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. ... Read more

    Affected Products : thunderbird
    • Published: Dec. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-17122

    Microsoft Excel Remote Code Execution Vulnerability... Read more

    • Published: Dec. 10, 2020
    • Modified: Aug. 28, 2025

  • 9.3

    HIGH
    CVE-2020-16918

    <p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p> <p>An attacker who successfully exploited the vulnerability would gain execution on a victim system.</p> <p>The security update addresses the v... Read more

    Affected Products : 365_apps 3d_viewer
    • Published: Oct. 16, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2020-15708

    Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.... Read more

    Affected Products : ubuntu_linux
    • Published: Nov. 06, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-15659

    Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run ... Read more

    • Published: Aug. 10, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1494

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If... Read more

    Affected Products : office 365_apps excel
    • Published: Aug. 17, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1435

    A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.... Read more

    • Published: Jul. 14, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1286

    A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user, aka 'Windows Shell Remote Code... Read more

    • Published: Jun. 09, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1171

    A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads configuration files after opening a project, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2... Read more

    Affected Products : visual_studio_code python
    • Published: May. 21, 2020
    • Modified: Jul. 08, 2025

  • 9.3

    HIGH
    CVE-2020-1113

    A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.... Read more

    • Published: May. 21, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-1008

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, ... Read more

    • Published: Apr. 15, 2020
    • Modified: Nov. 21, 2024
Showing 20 of 292803 Results