Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2016-5863

    In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.... Read more

    Affected Products : android
    • Published: Aug. 16, 2017
    • Modified: Apr. 20, 2025

  • 9.3

    HIGH
    CVE-2016-1778

    WebKit in Apple iOS before 9.3 and Safari before 9.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.... Read more

    Affected Products : iphone_os safari
    • Published: Mar. 24, 2016
    • Modified: Apr. 12, 2025

  • 9.3

    CRITICAL
    CVE-2020-3955

    ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important sev... Read more

    Affected Products : esxi
    • Published: Apr. 29, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2015-6979

    GasGauge in Apple iOS before 9.1 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.... Read more

    Affected Products : iphone_os watchos
    • Published: Oct. 23, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2015-5844

    IOKit in the kernel in Apple iOS before 9 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app, a different vulnerability than CVE-2015-5845 and CVE-2015-5846.... Read more

    Affected Products : iphone_os watchos
    • Published: Sep. 18, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2020-3899

    A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker... Read more

    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-3903

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.4. An application may be able to execute arbitrary code with system privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-6140

    IBM Tivoli Endpoint Manager Mobile Device Management (MDM) before 9.0.60100 uses the same secret HMAC token across different customers' installations, which allows remote attackers to execute arbitrary code via crafted marshalled Ruby objects in cookies t... Read more

    • Published: Dec. 06, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2020-3897

    A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A remote attacker may... Read more

    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-3893

    A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Apr. 01, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2014-2389

    Stack-based buffer overflow in a certain decryption function in qconnDoor on BlackBerry Z10 devices with software 10.1.0.2312, when developer-mode has been previously enabled, allows remote attackers to execute arbitrary code via a crafted packet in a TCP... Read more

    Affected Products : blackberry_os blackberry_z10
    • Published: Apr. 12, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2020-3842

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-3854

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with system privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-3843

    A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4.7, watchOS 5.3.7. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.... Read more

    Affected Products : iphone_os watchos mac_os_x
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-4800

    Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735.... Read more

    Affected Products : loadrunner
    • Published: Jul. 29, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2020-3837

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Actively Exploited
    • Published: Feb. 27, 2020
    • Modified: Feb. 28, 2025

  • 9.3

    HIGH
    CVE-2020-3838

    The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with system privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-3829

    An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, macOS Catalina 10.15.3, tvOS 13.3.1, watchOS 6.1.2. An application may be able to gain elevated privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos ipados
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-3845

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3. An application may be able to execute arbitrary code with system privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Feb. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2012-0646

    Format string vulnerability in VPN in Apple iOS before 5.1 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.... Read more

    Affected Products : iphone_os
    • Published: Mar. 08, 2012
    • Modified: Apr. 11, 2025
Showing 20 of 293951 Results