Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.3

    HIGH
    CVE-2003-0825

    The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbit... Read more

    • Published: Mar. 03, 2004
    • Modified: Apr. 03, 2025

  • 9.3

    HIGH
    CVE-2011-0038

    Untrusted search path vulnerability in Microsoft Internet Explorer 8 might allow local users to gain privileges via a Trojan horse IEShims.dll in the current working directory, as demonstrated by a Desktop directory that contains an HTML file, aka "Intern... Read more

    • Published: Feb. 10, 2011
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2013-1346

    mpengine.dll in Microsoft Malware Protection Engine before 1.1.9506.0 on x64 platforms allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file.... Read more

    Affected Products : malware_protection_engine
    • Published: May. 15, 2013
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-7298

    An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 request. This occurs when any HNAP API function triggers a call to t... Read more

    Affected Products : dir-823g_firmware dir-823g
    • Published: Feb. 01, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7287

    A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.4. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : iphone_os
    • Actively Exploited
    • Published: Dec. 18, 2019
    • Modified: Feb. 28, 2025

  • 9.3

    HIGH
    CVE-2019-7285

    A use after free issue was addressed with improved memory management. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary code execut... Read more

    Affected Products : itunes iphone_os tvos safari icloud
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7111

    Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code ex... Read more

    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7125

    Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution... Read more

    • Published: May. 23, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7079

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code ex... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7072

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2010-3097

    Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote FTP servers to overwrite arbitrary files via a "..\" (dot dot backslash) in a filename.... Read more

    Affected Products : frigate_3
    • Published: Aug. 20, 2010
    • Modified: Apr. 11, 2025

  • 9.3

    HIGH
    CVE-2019-7048

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-7044

    Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code executi... Read more

    • Published: May. 24, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2008-3877

    Stack-based buffer overflow in Acoustica Mixcraft 4.1 Build 96 and 4.2 Build 98 allows user-assisted attackers to execute arbitrary code via a crafted .mx4 file. NOTE: it was later reported that version 3 is also affected.... Read more

    Affected Products : mixcraft
    • Published: Sep. 02, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3871

    Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a (1) DAA or (2) ISZ file.... Read more

    Affected Products : ultraiso
    • Published: Apr. 01, 2009
    • Modified: Apr. 09, 2025

  • 9.3

    HIGH
    CVE-2008-3872

    Adobe Flash Player 8.0.39.0 and earlier, and 9.x up to 9.0.115.0, allows remote attackers to bypass the allowScriptAccess parameter setting via a crafted SWF file with unspecified "Filter evasion" manipulations.... Read more

    Affected Products : flash_player
    • Published: Oct. 06, 2008
    • Modified: Apr. 09, 2025

  • 9.3

    CRITICAL
    CVE-2019-6538

    The Conexus telemetry protocol utilized within Medtronic MyCareLink Monitor versions 24950 and 24952, CareLink Monitor version 2490C, CareLink 2090 Programmer, Amplia CRT-D, Claria CRT-D, Compia CRT-D, Concerto CRT-D, Concerto II CRT-D, Consulta CRT-D, Ev... Read more

    • Published: Mar. 25, 2019
    • Modified: May. 22, 2025

  • 9.3

    HIGH
    CVE-2019-6210

    A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos tv_os
    • Published: Mar. 05, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-6201

    Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. Processing maliciously crafted web content may lead to arbitrary c... Read more

    Affected Products : itunes iphone_os tvos safari icloud
    • Published: Dec. 18, 2019
    • Modified: Nov. 21, 2024

  • 9.3

    HIGH
    CVE-2019-6213

    A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.... Read more

    Affected Products : macos mac_os_x iphone_os tvos watchos tv_os
    • Published: Mar. 05, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 294693 Results