Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2001-0537

    HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.... Read more

    Affected Products : ios
    • Published: Jul. 21, 2001
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2018-1000118

    Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their ... Read more

    Affected Products : electron
    • Published: Mar. 07, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0861

    Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018... Read more

    Affected Products : edge windows_10 windows_server_2016
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0920

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-... Read more

    Affected Products : excel
    • Published: Apr. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0834

    Microsoft Edge and ChakraCore in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Th... Read more

    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0798

    Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerabil... Read more

    Affected Products : office word office_compatibility_pack
    • Actively Exploited
    • Published: Jan. 10, 2018
    • Modified: Mar. 26, 2025

  • 9.3

    HIGH
    CVE-2018-0849

    Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote ... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Jan. 22, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0797

    Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".... Read more

    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0796

    Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnera... Read more

    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0858

    ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0834, CVE-2018-0835, CVE-2018-0836, CVE-2018-0837, C... Read more

    Affected Products : chakracore
    • Published: Feb. 15, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0848

    Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote ... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Jan. 22, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0794

    Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerabi... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0792

    Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794.... Read more

    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0804

    Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote ... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Jan. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0598

    Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : windows
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0601

    Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : axpdfium
    • Published: Jun. 26, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0562

    Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : soundengine
    • Published: Apr. 16, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0544

    Untrusted search path vulnerability in WinShot 1.53a and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : winshot
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0543

    Untrusted search path vulnerability in Jtrim 1.53c and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.... Read more

    Affected Products : jtrim
    • Published: Mar. 09, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-0423

    A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router could allow an unauthenticated, remote attacker to cause a denial o... Read more

    • Published: Oct. 05, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293354 Results