Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2019-8805

    A validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue is fixed in macOS Catalina 10.15.1. An application may be able to execute arbitrary code with system privi... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-8593

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, tvOS 12.3, watchOS 5.2.1. An application may be able to execute arbitrary code with system privileges.... Read more

    Affected Products : iphone_os tvos watchos
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-8254

    Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • Published: Dec. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-6218

    A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos
    • Published: Mar. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-15283

    Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities exist due to insufficient vali... Read more

    • Published: Sep. 23, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1327

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1331.... Read more

    Affected Products : office office_365_proplus excel
    • Published: Oct. 10, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1241

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1242, CVE-2019-1243, ... Read more

    • Published: Sep. 11, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-1117

    A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019-1121, CVE-2019-1122... Read more

    • Published: Jul. 15, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-0897

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-0577

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows ... Read more

    • Published: Jan. 08, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-8331

    A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office.... Read more

    Affected Products : office excel
    • Published: Sep. 13, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-8265

    A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages, aka "Microsoft Exchange Remote Code Execution Vulnerability." This affects Microsoft Exchange Server.... Read more

    Affected Products : exchange_server
    • Published: Oct. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-8256

    A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0... Read more

    • Published: Nov. 14, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-8176

    A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office.... Read more

    Affected Products : office office_for_mac
    • Published: May. 23, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-20969

    do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.... Read more

    Affected Products : patch
    • Published: Aug. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-3217

    CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker... Read more

    • Published: Jul. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-3116

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful ex... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-3117

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could ... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-3121

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the Enhanced Metafile Format (EMF) parser. Successful exploitation could... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-3123

    Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when processing Enhanced Metafile Format (EM... Read more

    • Published: Aug. 11, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 293328 Results