Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2020-3161

    A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is du... Read more

    • Actively Exploited
    • EPSS Score: %80.82
    • Published: Apr. 15, 2020
    • Modified: Feb. 24, 2025

  • 10.0

    HIGH
    CVE-2017-1000228

    nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function... Read more

    Affected Products : ejs
    • EPSS Score: %7.18
    • Published: Nov. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-1000169

    QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of the server hosting QuickerBB.... Read more

    Affected Products : quickerbb
    • EPSS Score: %3.44
    • Published: Nov. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-1000082

    systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. "0day"), running the service in question with root privileges rather than the user intended.... Read more

    Affected Products : systemd
    • EPSS Score: %0.47
    • Published: Jul. 07, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-1000020

    SYN Flood or FIN Flood attack in ECos 1 and other versions embedded devices results in web Authentication Bypass. "eCos Embedded Web Servers used by Multiple Routers and Home devices, while sending SYN Flood or FIN Flood packets fails to validate and hand... Read more

    Affected Products : embedded_web_servers soho soho
    • EPSS Score: %1.13
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-1000060

    EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root... Read more

    Affected Products : eyesofnetwork
    • EPSS Score: %6.57
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2017-0807

    An elevation of privilege vulnerability in the Android framework (ui framework). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-35056974.... Read more

    Affected Products : android
    • EPSS Score: %2.48
    • Published: Oct. 04, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2019-7082

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • EPSS Score: %17.20
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-7060

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code ex... Read more

    • EPSS Score: %2.74
    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-3689

    The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory conta... Read more

    Affected Products : linux_enterprise_server nfs-utils
    • EPSS Score: %0.15
    • Published: Sep. 19, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-0561

    A remote code execution vulnerability in the Broadcom Wi-Fi firmware could enable a remote attacker to execute arbitrary code within the context of the Wi-Fi SoC. This issue is rated as Critical due to the possibility of remote code execution in the conte... Read more

    Affected Products : android linux_kernel
    • EPSS Score: %44.37
    • Published: Apr. 07, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2019-7105

    Adobe XD versions 16.0 and earlier have a path traversal vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : mac_os_x xd
    • EPSS Score: %27.65
    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-15292

    An issue was discovered in the Linux kernel before 5.0.9. There is a use-after-free in atalk_proc_exit, related to net/appletalk/atalk_proc.c, net/appletalk/ddp.c, and net/appletalk/sysctl_net_atalk.c.... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • EPSS Score: %0.95
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-0359

    diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.... Read more

    Affected Products : debian_linux diffoscope
    • EPSS Score: %0.54
    • Published: Apr. 13, 2018
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2019-14901

    A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. T... Read more

    • EPSS Score: %10.36
    • Published: Nov. 29, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2017-0028

    A remote code execution vulnerability exists when Microsoft scripting engine improperly accesses objects in memory. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. An a... Read more

    Affected Products : edge
    • EPSS Score: %19.63
    • Published: Jul. 17, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-9967

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privi... Read more

    Affected Products : samsung_mobile
    • EPSS Score: %0.49
    • Published: Dec. 16, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-9961

    game-music-emu before 0.6.1 mishandles unspecified integer values.... Read more

    • EPSS Score: %2.85
    • Published: Jun. 06, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2016-9966

    Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privi... Read more

    Affected Products : samsung_mobile
    • EPSS Score: %0.49
    • Published: Dec. 16, 2016
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2018-7445

    A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before... Read more

    Affected Products : routeros
    • Actively Exploited
    • EPSS Score: %87.80
    • Published: Mar. 19, 2018
    • Modified: Aug. 15, 2025
Showing 20 of 292737 Results