Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2015-2737

    The rx::d3d11::SetBufferData function in the Direct3D 11 implementation in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 reads data from uninitialized memory locations, which has unspecified im... Read more

    • EPSS Score: %0.94
    • Published: Jul. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-1132

    fontd in Apple Type Services (ATS) in Apple OS X before 10.10.3 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1131, CVE-2015-1133, CVE-2015-1134, and CVE-2015-1135.... Read more

    Affected Products : mac_os_x mac_os_x
    • EPSS Score: %1.33
    • Published: Apr. 10, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0779

    Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR fil... Read more

    Affected Products : zenworks_configuration_management
    • EPSS Score: %80.15
    • Published: Jun. 07, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-3061

    Adobe Reader and Acrobat 10.x before 10.1.14 and 11.x before 11.0.11 on Windows and OS X allow attackers to bypass intended restrictions on JavaScript API execution via unspecified vectors, a different vulnerability than CVE-2015-3060, CVE-2015-3062, CVE-... Read more

    Affected Products : mac_os_x acrobat acrobat_reader windows
    • EPSS Score: %3.03
    • Published: May. 13, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0459

    Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.... Read more

    • EPSS Score: %10.71
    • Published: Apr. 16, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0355

    Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • EPSS Score: %4.16
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0350

    Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a differ... Read more

    • EPSS Score: %4.16
    • Published: Apr. 14, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2015-0325

    Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via unknow... Read more

    • EPSS Score: %8.68
    • Published: Feb. 06, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2021-20623

    Video Insight VMS versions prior to 7.8 allows a remote attacker to execute arbitrary code with the system user privilege by sending a specially crafted request.... Read more

    Affected Products : video_insight_vms
    • EPSS Score: %2.08
    • Published: Feb. 05, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2021-20658

    SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS commands with the web server privilege via unspecified vectors.... Read more

    Affected Products : sv-cpt-mc310_firmware sv-cpt-mc310
    • EPSS Score: %2.14
    • Published: Feb. 24, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-8440

    Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to ... Read more

    • EPSS Score: %88.01
    • Published: Nov. 11, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-8438

    Use-after-free vulnerability in Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler befor... Read more

    • EPSS Score: %8.72
    • Published: Nov. 11, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-6549

    Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.... Read more

    Affected Products : jdk jre
    • EPSS Score: %1.07
    • Published: Jan. 21, 2015
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2021-20509

    IBM Maximo Asset Management 7.6.0 and 7.6.1 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 198243.... Read more

    • EPSS Score: %0.76
    • Published: Aug. 12, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    HIGH
    CVE-2014-2321

    web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using "set TelnetCfg" commands to enable a TELNET service with specified credentials.... Read more

    Affected Products : f460 f660
    • EPSS Score: %90.03
    • Published: Mar. 11, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2016-7552

    On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS.... Read more

    Affected Products : threat_discovery_appliance
    • EPSS Score: %92.98
    • Published: Apr. 12, 2017
    • Modified: Apr. 20, 2025

  • 10.0

    HIGH
    CVE-2014-1303

    Heap-based buffer overflow in Apple Safari 7.0.2 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by Liang Chen during a Pwn2Own competition at CanSecWest 2014.... Read more

    Affected Products : safari
    • EPSS Score: %36.33
    • Published: Mar. 26, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-1300

    Unspecified vulnerability in Apple Safari 7.0.2 on OS X allows remote attackers to execute arbitrary code with root privileges via unknown vectors, as demonstrated by Google during a Pwn4Fun competition at CanSecWest 2014.... Read more

    Affected Products : mac_os_x safari
    • EPSS Score: %8.53
    • Published: Mar. 26, 2014
    • Modified: Apr. 12, 2025

  • 10.0

    HIGH
    CVE-2014-0648

    The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authentication and authorization requirements, which allows remote attackers to obtain administrative access via a request to this interface, aka Bug ID... Read more

    Affected Products : secure_access_control_system
    • EPSS Score: %8.67
    • Published: Jan. 16, 2014
    • Modified: Apr. 11, 2025

  • 10.0

    HIGH
    CVE-2014-0554

    Adobe Flash Player before 13.0.0.244 and 14.x and 15.x before 15.0.0.152 on Windows and OS X and before 11.2.202.406 on Linux, Adobe AIR before 15.0.0.249 on Windows and OS X and before 15.0.0.252 on Android, Adobe AIR SDK before 15.0.0.249, and Adobe AIR... Read more

    • EPSS Score: %7.69
    • Published: Sep. 10, 2014
    • Modified: Apr. 12, 2025
Showing 20 of 292318 Results