Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2020-27921

    A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with ker... Read more

    Affected Products : macos mac_os_x
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-27907

    A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. An application may be able to execute arbitrary cod... Read more

    Affected Products : macos
    • Published: Apr. 02, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2020-27903

    This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to gain elevated privileges.... Read more

    Affected Products : macos
    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-5357

    Integer overflow in Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; SDK and JRE 1.4.2_18 and earlier; and SDK and JRE 1.3.1_23 and earlier might allow remote attackers to execute arbitrary... Read more

    Affected Products : jre sdk jdk
    • Published: Dec. 05, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2020-27917

    A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. Processing maliciously crafted web cont... Read more

    • Published: Dec. 08, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2013-7283

    Race condition in the libreswan.spec files for Red Hat Enterprise Linux (RHEL) and Fedora packages in libreswan 3.6 has unspecified impact and attack vectors, involving the /var/tmp/libreswan-nss-pwd temporary file.... Read more

    Affected Products : libreswan
    • Published: Jan. 09, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2021-40751

    Adobe After Effects version 18.4 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious .m4a file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is re... Read more

    Affected Products : windows after_effects
    • Published: Nov. 18, 2021
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2011-0560

    Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-... Read more

    Affected Products : flash_player
    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-7136

    The UPC Ireland Cisco EPC 2425 router (aka Horizon Box) does not have a sufficiently large number of possible WPA-PSK passphrases, which makes it easier for remote attackers to obtain access via a brute-force attack.... Read more

    Affected Products : ireland_cisco_epc2425
    • Published: Dec. 19, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-7246

    Buffer overflow in the IconCreate method in an ActiveX control in the DaumGame ActiveX plugin 1.1.0.4 and 1.1.0.5 allows remote attackers to execute arbitrary code via a long string, as exploited in the wild in January 2014.... Read more

    Affected Products : daumgame_activex_control
    • Published: Jan. 30, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2011-0618

    Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.... Read more

    • Published: May. 13, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-6935

    Buffer overflow in VideoCharge Software Watermark Master 2.2.23 allows remote attackers to execute arbitrary code via a long string in the SourcePath value in a .wcf file.... Read more

    Affected Products : watermark_master
    • Published: Dec. 04, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2012-1939

    jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute a... Read more

    Affected Products : firefox firefox_esr thunderbird_esr
    • Published: Jun. 05, 2012
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2015-2408

    Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE... Read more

    Affected Products : internet_explorer
    • Published: Jul. 14, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2011-1261

    Microsoft Internet Explorer 6 through 9 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, aka "Selection Object Memory Corrup... Read more

    • Published: Jun. 16, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-6795

    The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that over... Read more

    Affected Products : openstack_windows_guest_agent
    • Published: Dec. 24, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2014-1774

    Microsoft Internet Explorer 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2014-1788 ... Read more

    Affected Products : internet_explorer
    • Published: Jun. 11, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-6771

    Directory traversal vulnerability in the collect script in Splunk before 5.0.5 allows remote attackers to execute arbitrary commands via a .. (dot dot) in the file parameter. NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2... Read more

    Affected Products : splunk
    • Published: Aug. 07, 2014
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2013-6724

    Unspecified vulnerability in the vsflex8l ActiveX control in IBM SPSS SamplePower 3.0.1 before FP1 IF1 allows remote attackers to execute arbitrary code via a crafted ComboList property value.... Read more

    Affected Products : spss_samplepower
    • Published: Feb. 01, 2014
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2017-8464

    Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows local users or remote attackers to exe... Read more

    • Actively Exploited
    • Published: Jun. 15, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294265 Results