Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2022-26754

    A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos
    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2022-26721

    A memory initialization issue was addressed. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to gain root privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: May. 26, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-1482

    Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by injecting these commands into an application script, aka Bug ID CSCuy83130.... Read more

    Affected Products : webex_meetings_server
    • Published: Sep. 17, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1464

    Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375.... Read more

    Affected Products : webex_meetings webex_wrf_player_t29
    • Published: Sep. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1244

    The extractTree function in unADF allows remote attackers to execute arbitrary code via shell metacharacters in a directory name in an adf file.... Read more

    Affected Products : debian_linux unadf
    • Published: Oct. 03, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1028

    Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • Published: Apr. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1020

    Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • Published: Apr. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-43756

    Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by an Out-of-bounds Write vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitatio... Read more

    Affected Products : macos media_encoder windows
    • Published: Jun. 15, 2022
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-1018

    Stack-based buffer overflow in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via crafted JPEG-XR data.... Read more

    • Published: Apr. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1022

    Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • Published: Apr. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1013

    Use-after-free vulnerability in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability... Read more

    • Published: Apr. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2016-1015

    Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code by overriding NetConnection object properties to leverage an unspecified "type con... Read more

    • Published: Apr. 09, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2021-40733

    Adobe Animate version 21.0.9 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .psd file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is requir... Read more

    Affected Products : windows animate
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2021-39826

    Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability. An authenticated attacker could leverage this vulnerability to execute arbitrary commands. User interaction is required to abuse this vulnerab... Read more

    Affected Products : macos digital_editions
    • Published: Sep. 27, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2024-39373

    TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the manipulation of settings and could allow an attacker to gain unauthorized access to the system with administrative privileges.... Read more

    • Published: Jun. 27, 2024
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10697

    react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (R... Read more

    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10689

    The windows-iedriver module downloads fixed version of iedriverserver.exe windows-iedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the reques... Read more

    Affected Products : windows-iedriver
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10698

    mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the reque... Read more

    Affected Products : mystem-fix
    • Published: May. 29, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10684

    healthcenter - IBM Monitoring and Diagnostic Tools health Center agent healthcenter downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested res... Read more

    Affected Products : healthcenter
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2016-10686

    fis-sass-all is another libsass wrapper for node. fis-sass-all downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attack... Read more

    Affected Products : fis-sass-all
    • Published: Jun. 04, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293554 Results