Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2019-8590

    A logic issue was addressed with improved restrictions. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-8555

    A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-8535

    A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code exec... Read more

    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-8539

    A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code wi... Read more

    Affected Products : macos mac_os_x
    • Published: Oct. 27, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2004-1114

    Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.... Read more

    Affected Products : skype
    • Published: Jan. 10, 2005
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2019-8506

    A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, watchOS 5.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary ... Read more

    • Actively Exploited
    • Published: Dec. 18, 2019
    • Modified: Feb. 28, 2025

  • 9.3

    HIGH
    CVE-2008-3961

    Multiple unspecified vulnerabilities in Adobe Illustrator CS2 on Macintosh allow user-assisted attackers to execute arbitrary code via a crafted AI file.... Read more

    Affected Products : illustrator
    • Published: Sep. 18, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2015-6103

    The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows remote attackers to exe... Read more

    • Published: Nov. 11, 2015
    • Modified: Apr. 12, 2025

  • 9.3

    HIGH
    CVE-2019-8183

    Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow vulnerability. Successful exploitation could lead to ar... Read more

    • Published: Oct. 17, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    CRITICAL
    CVE-2020-11035

    In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6.... Read more

    Affected Products : fedora glpi
    • Published: May. 05, 2020
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2004-0273

    Directory traversal vulnerability in RealOne Player, RealOne Player 2.0, and RealOne Enterprise Desktop allows remote attackers to upload arbitrary files via an RMP file that contains .. (dot dot) sequences in a .rjs skin file.... Read more

    • Published: Nov. 23, 2004
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2010-1296

    Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) .ASL, (2) .ABR, or (3) .GRD file.... Read more

    Affected Products : photoshop photoshop_cs4
    • Published: May. 27, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2003-1564

    libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested e... Read more

    Affected Products : libxml2
    • Published: Dec. 31, 2003
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2003-1572

    Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .da... Read more

    Affected Products : jmf
    • Published: Jun. 01, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-7994

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7976

    Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have an out of bound write vulnerability. Successful exploitation could lead to arbitrary code execution.... Read more

    Affected Products : macos photoshop_cc windows
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-3919

    Unspecified vulnerability in multiple JustSystems Ichitaro products allows remote attackers to execute arbitrary code via a crafted JTD document, as exploited in the wild in August 2008.... Read more

    Affected Products : ichitaro
    • Published: Sep. 04, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2019-7830

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a use after free vulnerability. Successful ex... Read more

    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7827

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a heap overflow vulnerability. Successful exp... Read more

    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7820

    Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier have a type confusion vulnerability. Successful ex... Read more

    • Published: May. 22, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 294527 Results