Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2019-1034

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security cont... Read more

    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0053

    Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a cra... Read more

    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0052

    Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsof... Read more

    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0030

    Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of servi... Read more

    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0072

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different ... Read more

    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2019-0974

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more

    • Published: Jun. 12, 2019
    • Modified: May. 20, 2025

  • 9.3

    HIGH
    CVE-2019-0900

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, ... Read more

    • Published: May. 16, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-0795

    A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0790, CVE-2019-0791, CVE-2019-0792, CVE-2019-0793.... Read more

    • Published: Apr. 09, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-0003

    Microsoft Word 2016 and SharePoint Enterprise Server 2016 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."... Read more

    Affected Products : sharepoint_enterprise_server word
    • Published: Jan. 10, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2017-0031

    Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vu... Read more

    Affected Products : office word office_compatibility_pack
    • Published: Mar. 17, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-9949

    An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.... Read more

    Affected Products : ubuntu_linux apport
    • Published: Dec. 17, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2018-8392

    A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 ... Read more

    • Published: Sep. 13, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2018-4193

    An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) ... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Jun. 08, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-9587

    Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ans... Read more

    Affected Products : openstack ansible ansible
    • Published: Apr. 24, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-40505

    Directory Traversal vulnerability in D-Link DAP-1650 Firmware v.1.03 allows a local attacker to escalate privileges via the hedwig.cgi component.... Read more

    Affected Products : dap-1650_firmware dap-1650
    • Published: Jul. 16, 2024
    • Modified: May. 29, 2025

  • 9.3

    HIGH
    CVE-2018-12860

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2017-8631

    A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office W... Read more

    • Published: Sep. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-9120

    Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.... Read more

    Affected Products : linux_kernel
    • Published: Dec. 08, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2017-7077

    An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "IOFireWireFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) ... Read more

    Affected Products : mac_os_x mac_os_x
    • Published: Oct. 23, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2018-15936

    Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    • Published: Oct. 12, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293496 Results