Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2021-28635

    Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code ... Read more

    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28624

    Adobe Bridge version 11.0.2 (and earlier) are affected by a Heap-based Buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of thi... Read more

    Affected Products : windows bridge
    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28594

    Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an Uncontrolled Search Path Element vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the conte... Read more

    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28586

    After Effects version 18.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open... Read more

    Affected Products : windows after_effects
    • Published: Jun. 28, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-6153

    Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Microsoft Browser Memory Corruption Vulnerability," a different vulnerability ... Read more

    Affected Products : edge internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6147

    Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015... Read more

    Affected Products : internet_explorer
    • Published: Dec. 09, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-6089

    The Microsoft (1) VBScript and (2) JScript engines, as used in Internet Explorer 8 through 11, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Scripting Engine Memory Corruptio... Read more

    Affected Products : internet_explorer vbscript jscript
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-28596

    Adobe Framemaker version 2020.0.1 (and earlier) and 2019.0.8 (and earlier) are affected by an Out-of-bounds Write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code ... Read more

    Affected Products : windows framemaker
    • Published: Aug. 23, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-6071

    Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-28639

    Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Use-after-free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code... Read more

    • Published: Aug. 20, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28570

    Adobe After Effects version 18.1 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An unauthenticated attacker could exploit this to to plant custom binaries and execute them with System permissions. Exploitation of this issu... Read more

    Affected Products : windows after_effects
    • Published: Jun. 28, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28565

    Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by an Out-of-bounds Read vulnerability in the PDFLibTool component. An unauthenticated attacker could leverage thi... Read more

    • Published: Sep. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28610

    Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the contex... Read more

    Affected Products : windows after_effects
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28606

    Adobe After Effects version 18.2 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the conte... Read more

    Affected Products : windows after_effects
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-28607

    Adobe After Effects version 18.2 (and earlier) is affected by a heap corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the cu... Read more

    Affected Products : windows after_effects
    • Published: Aug. 24, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-3770

    IOGraphics in Apple OS X before 10.10.5 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5783.... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Aug. 16, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2548

    Use-after-free vulnerability in the Tablet Input Band in Windows Shell in Microsoft Windows Vista SP2 and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Microsoft Tablet Input Band Use After Free Vulnerability... Read more

    Affected Products : windows_7 windows_vista
    • Published: Oct. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2448

    Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability."... Read more

    Affected Products : internet_explorer
    • Published: Aug. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2424

    Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafte... Read more

    • Actively Exploited
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-2422

    Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025
Showing 20 of 293584 Results